CVE-2022-27491

{"id": "CVE-2022-27491", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@fortinet.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 2.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-09-06T18:15:12.693", "references": [{"url": "https://fortiguard.com/psirt/FG-IR-22-073", "tags": ["Vendor Advisory"], "source": "psirt@fortinet.com"}, {"url": "https://fortiguard.com/psirt/FG-IR-22-073", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "A improper verification of source of a communication channel in Fortinet FortiOS with IPS engine version 7.201 through 7.214, 7.001 through 7.113, 6.001 through 6.121, 5.001 through 5.258 and before 4.086 allows a remote and unauthenticated attacker to trigger the sending of \"blocked page\" HTML data to an arbitrary victim via crafted TCP requests, potentially flooding the victim."}, {"lang": "es", "value": "Una verificaci\u00f3n inapropiada de la fuente de un canal de comunicaci\u00f3n en Fortinet FortiOS con motor IPS versiones 7.201 hasta 7.214, 7.001 hasta 7.113, 6.001 hasta 6.121, 5.001 hasta 5.258 y anteriores a 4.086, permite a un atacante remoto y no autenticado desencadenar el env\u00edo de datos HTML \"blocked page\" a una v\u00edctima arbitraria por medio de peticiones TCP dise\u00f1adas, inundando potencialmente a la v\u00edctima.\n"}], "lastModified": "2024-11-21T06:55:49.903", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A857126-D7EE-4CB4-BCAA-68D6C4FEC3E4", "versionEndIncluding": "6.0.14", "versionStartIncluding": "6.0.0"}, {"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38DA2E7D-2367-45B6-96FE-4BA3C0C75E85", "versionEndExcluding": "6.2.11", "versionStartIncluding": "6.2.0"}, {"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08019066-27F4-4E9D-B6E5-2F74BAF065EE", "versionEndExcluding": "6.4.9", "versionStartIncluding": "6.4.0"}, {"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "103E0368-0675-4511-95BF-D5CCD67BBAA5", "versionEndExcluding": "7.0.6", "versionStartIncluding": "7.0.0"}, {"criteria": "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9B87A2A-4C83-448B-8009-AD20214D58CB"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@fortinet.com"}