How severe is CVE-2022-35845?

CVE-2022-35845 has a CVSS v3 score of 7.8 (HIGH).

CVE-2022-35845

Name: fortitester
Author: fortinet

7.8HIGH

Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiTester 7.1.0, 7.0 all versions, 4.0.0 through 4.2.0, 2.3.0 through

公開日: 1/3/2023更新日: 11/21/2024

説明

Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiTester 7.1.0, 7.0 all versions, 4.0.0 through 4.2.0, 2.3.0 through 3.9.1 may allow an authenticated attacker to execute arbitrary commands in the underlying shell.

AI分析AIによる分析

影響を受ける製品

fortinetfortitester

4.0.0

fortinetfortitester

4.1.0

fortinetfortitester

4.1.1

fortinetfortitester

4.2.0

fortinetfortitester

7.0.0

fortinetfortitester

7.1.0

参照

https://fortiguard.com/psirt/FG-IR-22-274
PatchVendor Advisory
https://fortiguard.com/psirt/FG-IR-22-274
PatchVendor Advisory