How severe is CVE-2022-42471?

CVE-2022-42471 has a CVSS v3 score of 5.4 (MEDIUM).

CVE-2022-42471

Name: fortiweb
Author: fortinet

5.4MEDIUM

An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability [CWE-113] In FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.4.0 through 6.4.2, FortiWeb

게시됨: 1/3/2023업데이트됨: 11/21/2024

설명

An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability [CWE-113] In FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.4.0 through 6.4.2, FortiWeb version 6.3.6 through 6.3.20 may allow an authenticated and remote attacker to inject arbitrary headers.

AI 분석AI 기반

영향받는 제품

fortinetfortiweb

6.4.0

fortinetfortiweb

6.4.1

fortinetfortiweb

6.4.2

fortinetfortiweb

7.0.0

fortinetfortiweb

7.0.1

fortinetfortiweb

7.0.2

참조

https://fortiguard.com/psirt/FG-IR-22-250
PatchVendor Advisory
https://fortiguard.com/psirt/FG-IR-22-250
PatchVendor Advisory