CVE-2020-29011

Instances of SQL Injection vulnerabilities in the checksum search and MTA-quarantine modules of FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated attacker to execute unauthorized code on the underlying SQL interpreter via specifically crafted HTTP requests.
References
Link Resource
https://fortiguard.com/advisory/FG-IR-20-171 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-08-04 16:15

Updated : 2024-02-28 18:28


NVD link : CVE-2020-29011

Mitre link : CVE-2020-29011

CVE.ORG link : CVE-2020-29011


JSON object : View

Products Affected

fortinet

  • fortisandbox
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')