MEDIUM 4.7
CVE-2022-23439
EN A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver
CVSS v3
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.2%
percentile 42.9%
Apps suivies affectées
Configurations CPE vulnérables
| Vendor | Produit | Plateforme | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| fortinet | fortirecorder | iOS | ≥6.0.0 <6.0.11 | cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:* |
| fortinet | fortirecorder | iOS | ≥6.4.0 <6.4.3 | cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:* |
| fortinet | fortisoar | iOS | ≥6.4.0 <7.3.0 | cpe:2.3:a:fortinet:fortisoar:*:*:*:*:*:*:*:* |