CVE-2023-41842 - OpenCVE

A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiManager version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer-BigData before 7.2.5 and Fortinet FortiPortal version 6.0 all versions and version 5.3 all versions allows a privileged attacker to execute unauthorized code or commands via specially crafted command arguments.

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Fortinet	Fortianalyzer Bigdata Fortiportal Fortianalyzer Fortimanager

Configuration 1 [-]

OR	cpe:2.3:a:fortinet:fortianalyzer::::::::
	cpe:2.3:a:fortinet:fortianalyzer::::::::
	cpe:2.3:a:fortinet:fortianalyzer::::::::
	cpe:2.3:a:fortinet:fortianalyzer_bigdata::::::::
	cpe:2.3:a:fortinet:fortianalyzer_bigdata::::::::
	cpe:2.3:a:fortinet:fortianalyzer_bigdata::::::::
	cpe:2.3:a:fortinet:fortianalyzer_bigdata:6.2.5:::::::*
	cpe:2.3:a:fortinet:fortimanager::::::::
	cpe:2.3:a:fortinet:fortimanager::::::::
	cpe:2.3:a:fortinet:fortimanager::::::::
	cpe:2.3:a:fortinet:fortiportal::::::::

References

Link	Resource
https://fortiguard.com/psirt/FG-IR-23-304	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: fortinet

Published: 2024-03-12T15:09:16.279Z

Updated: 2024-03-12T15:09:16.279Z

Reserved: 2023-09-04T08:12:52.814Z

Link: CVE-2023-41842

JSON object: View

NVD Information

Status : Analyzed

Published: 2024-03-12T15:15:45.920

Modified: 2024-03-21T21:04:13.000

Link: CVE-2023-41842

JSON object: View

Redhat Information

No data.

CWE

CWE-134

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-41842", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2023-09-04T08:12:52.814Z", "datePublished": "2024-03-12T15:09:16.279Z", "dateUpdated": "2024-03-12T15:09:16.279Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiManager", "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.4.0", "lessThanOrEqual": "7.4.1", "status": "affected"}, {"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.3", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.9", "status": "affected"}, {"versionType": "semver", "version": "6.4.0", "lessThanOrEqual": "6.4.14", "status": "affected"}, {"versionType": "semver", "version": "6.2.0", "lessThanOrEqual": "6.2.12", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiAnalyzer", "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.4.0", "lessThanOrEqual": "7.4.1", "status": "affected"}, {"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.3", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.9", "status": "affected"}, {"versionType": "semver", "version": "6.4.0", "lessThanOrEqual": "6.4.14", "status": "affected"}, {"versionType": "semver", "version": "6.2.0", "lessThanOrEqual": "6.2.12", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiPortal", "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "6.0.0", "lessThanOrEqual": "6.0.14", "status": "affected"}, {"versionType": "semver", "version": "5.3.0", "lessThanOrEqual": "5.3.8", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiManager version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer-BigData before 7.2.5 and Fortinet FortiPortal version 6.0 all versions and version 5.3 all versions allows a privileged attacker to execute unauthorized code or commands via specially crafted command arguments."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2024-03-12T15:09:16.279Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-134", "description": "Execute unauthorized code or commands", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C"}}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiManager version 7.4.2 or above \nPlease upgrade to FortiManager version 7.2.4 or above \nPlease upgrade to FortiManager version 7.0.10 or above \nPlease upgrade to FortiAnalyzer version 7.4.2 or above \nPlease upgrade to FortiAnalyzer version 7.2.4 or above \nPlease upgrade to FortiAnalyzer version 7.0.10 or above \nPlease upgrade to FortiAnalyzer-BigData version 7.4.0 or above \nPlease upgrade to FortiAnalyzer-BigData version 7.2.6 or above \nPlease upgrade to FortiPortal version 7.0.0 or above \n"}], "references": [{"name": "https://fortiguard.com/psirt/FG-IR-23-304", "url": "https://fortiguard.com/psirt/FG-IR-23-304"}]}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*", "matchCriteriaId": "18205067-639E-4A90-AF8C-DA71FB65AEFA", "versionEndExcluding": "7.0.10", "versionStartIncluding": "6.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*", "matchCriteriaId": "8E0D5DF6-69C6-4325-94D3-D7A44862F62C", "versionEndExcluding": "7.2.4", "versionStartIncluding": "7.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*", "matchCriteriaId": "CB15106A-8295-4A9E-B5C8-FA9654636B15", "versionEndExcluding": "7.4.2", "versionStartIncluding": "7.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortianalyzer_bigdata:*:*:*:*:*:*:*:*", "matchCriteriaId": "7299FC61-369D-4F07-B0E1-1FD9E2E371A3", "versionEndIncluding": "6.4.7", "versionStartIncluding": "6.4.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortianalyzer_bigdata:*:*:*:*:*:*:*:*", "matchCriteriaId": "9417A7DF-F260-45C2-A224-D6FB08792C58", "versionEndIncluding": "7.0.6", "versionStartIncluding": "7.0.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortianalyzer_bigdata:*:*:*:*:*:*:*:*", "matchCriteriaId": "A06370D3-3917-4D9E-980D-52621794A671", "versionEndExcluding": "7.2.6", "versionStartIncluding": "7.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortianalyzer_bigdata:6.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "11815CDE-B157-457A-AB0D-DA73A0F4656C", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", "matchCriteriaId": "BBD0FF48-FC1A-4406-B939-7E83ED65A57E", "versionEndExcluding": "7.0.10", "versionStartIncluding": "6.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", "matchCriteriaId": "5BC35BBC-5F0C-4802-8F00-643D465D43E4", "versionEndExcluding": "7.2.4", "versionStartIncluding": "7.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", "matchCriteriaId": "83316FAF-C5DE-4603-B3B2-6796E2FAF1A8", "versionEndExcluding": "7.4.2", "versionStartIncluding": "7.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*", "matchCriteriaId": "CC626329-3FCF-45BE-955B-82A495B10FA6", "versionEndIncluding": "6.0.14", "versionStartIncluding": "5.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiManager version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer-BigData before 7.2.5 and Fortinet FortiPortal version 6.0 all versions and version 5.3 all versions allows a privileged attacker to execute unauthorized code or commands via specially crafted command arguments."}, {"lang": "es", "value": "Un uso de vulnerabilidad de cadena de formato controlada externamente [CWE-134] en Fortinet FortiManager versi\u00f3n 7.4.0 a 7.4.1, versi\u00f3n 7.2.0 a 7.2.3 y anteriores a 7.0.10, Fortinet FortiAnalyzer versi\u00f3n 7.4.0 a 7.4.1 , versi\u00f3n 7.2.0 a 7.2.3 y anteriores a 7.0.10, Fortinet FortiAnalyzer-BigData anterior a 7.2.5 y Fortinet FortiPortal versi\u00f3n 6.0 todas las versiones y la versi\u00f3n 5.3 todas las versiones permite a un atacante privilegiado ejecutar c\u00f3digo o comandos no autorizados a trav\u00e9s de argumentos de comando especialmente manipulados."}], "id": "CVE-2023-41842", "lastModified": "2024-03-21T21:04:13.000", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "psirt@fortinet.com", "type": "Secondary"}]}, "published": "2024-03-12T15:15:45.920", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/psirt/FG-IR-23-304"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-134"}], "source": "psirt@fortinet.com", "type": "Primary"}]}