Vulnerabilites related to fortinet - antivirus_engine
cve-2022-26122
Vulnerability from cvelistv5
Published
2022-11-02 00:00
Modified
2024-10-22 20:53
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N/E:P/RL:U/RC:R
Summary
An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64.
References
https://fortiguard.com/psirt/FG-IR-22-074
Impacted products
Vendor Product Version
Fortinet Fortinet AV Engine, FortiMail, FortiOS, FortiClient Version: AV Engine version 6.2.168 and below and version 6.4.274 and below.
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T04:56:37.592Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://fortiguard.com/psirt/FG-IR-22-074",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-26122",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-22T20:19:05.845844Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-22T20:53:22.490Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Fortinet AV Engine, FortiMail, FortiOS, FortiClient",
               vendor: "Fortinet",
               versions: [
                  {
                     status: "affected",
                     version: "AV Engine version 6.2.168 and below and version 6.4.274 and below.",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 4.7,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  exploitCodeMaturity: "PROOF_OF_CONCEPT",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  remediationLevel: "UNAVAILABLE",
                  reportConfidence: "REASONABLE",
                  scope: "CHANGED",
                  temporalScore: 4.3,
                  temporalSeverity: "MEDIUM",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N/E:P/RL:U/RC:R",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Denial of service",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-11-02T00:00:00",
            orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            shortName: "fortinet",
         },
         references: [
            {
               url: "https://fortiguard.com/psirt/FG-IR-22-074",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
      assignerShortName: "fortinet",
      cveId: "CVE-2022-26122",
      datePublished: "2022-11-02T00:00:00",
      dateReserved: "2022-02-25T00:00:00",
      dateUpdated: "2024-10-22T20:53:22.490Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd
Published
2022-11-02 12:15
Modified
2024-11-21 06:53
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Summary
An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64.
References
psirt@fortinet.comhttps://fortiguard.com/psirt/FG-IR-22-074Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://fortiguard.com/psirt/FG-IR-22-074Patch, Vendor Advisory
Impacted products
Vendor Product Version
fortinet antivirus_engine 0.4.23
fortinet antivirus_engine 2.0.49
fortinet antivirus_engine 2.0.60
fortinet antivirus_engine 4.4.54
fortinet antivirus_engine 6.33
fortinet antivirus_engine 6.137
fortinet antivirus_engine 6.142
fortinet antivirus_engine 6.144
fortinet antivirus_engine 6.145
fortinet antivirus_engine 6.156
fortinet antivirus_engine 6.157
fortinet antivirus_engine 6.243
fortinet antivirus_engine 6.252
fortinet antivirus_engine 6.253
fortinet fortimail *
fortinet fortimail *
fortinet fortimail *
fortinet fortimail *
fortinet fortimail 4.1.0
fortinet fortios *
fortinet fortios *
fortinet fortios *
fortinet fortios *
fortinet fortios 7.2.0


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:fortinet:antivirus_engine:0.4.23:*:*:*:*:*:*:*",
                     matchCriteriaId: "4E472D86-EC41-4AC8-AA7E-E2D94F123680",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:antivirus_engine:2.0.49:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A6024DF-0DB4-420B-8226-1CBD55A92364",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:antivirus_engine:2.0.60:*:*:*:*:*:*:*",
                     matchCriteriaId: "BF2C1609-3538-4419-B75C-32C84B21A75D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:antivirus_engine:4.4.54:*:*:*:*:*:*:*",
                     matchCriteriaId: "7051D640-5891-415E-8A77-F68C35134954",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:antivirus_engine:6.33:*:*:*:*:*:*:*",
                     matchCriteriaId: "4AE41E36-D7B9-42F0-9C34-FA18F081B2C0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:antivirus_engine:6.137:*:*:*:*:*:*:*",
                     matchCriteriaId: "B51453FA-C7D3-481B-BC3B-46D94009E3FA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:antivirus_engine:6.142:*:*:*:*:*:*:*",
                     matchCriteriaId: "35E2F910-2553-4DC8-8730-0A0BF16A91B0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:antivirus_engine:6.144:*:*:*:*:*:*:*",
                     matchCriteriaId: "17870D25-F9BF-47F3-A63F-63DCF0C0A4D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:antivirus_engine:6.145:*:*:*:*:*:*:*",
                     matchCriteriaId: "F532E565-F438-4268-BEE3-F27B9B44EC8F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:antivirus_engine:6.156:*:*:*:*:*:*:*",
                     matchCriteriaId: "AA32EE02-B802-43B8-A57C-3D8680C22573",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:antivirus_engine:6.157:*:*:*:*:*:*:*",
                     matchCriteriaId: "024D9F08-76C9-4E10-873E-6A4B618CE44F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:antivirus_engine:6.243:*:*:*:*:*:*:*",
                     matchCriteriaId: "250CDE83-42CA-4F2C-83DB-1274B3B8C75D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:antivirus_engine:6.252:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B167E24-C4B2-4A06-8987-D49812D69D29",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:antivirus_engine:6.253:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7B97F13-AB4A-4114-BF89-D57945506991",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "01F784BF-4F89-4938-9150-F911E3EB6CD0",
                     versionEndIncluding: "6.0.12",
                     versionStartIncluding: "6.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEDC7EE8-084C-4F9E-A510-E283FCDF9832",
                     versionEndIncluding: "6.2.9",
                     versionStartIncluding: "6.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C0A5C345-7055-4F18-AE77-FF1DBE41AB89",
                     versionEndIncluding: "6.4.6",
                     versionStartIncluding: "6.4.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "43038EC9-6FD3-488C-8CA3-8B4A705C3E11",
                     versionEndIncluding: "7.0.2",
                     versionStartIncluding: "7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:fortinet:fortimail:4.1.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2822C6B9-7FD5-4E1B-907B-F324F28A82A3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7CB40CF0-CC6A-44A5-BC5D-70DC7CA78D49",
                     versionEndIncluding: "6.0.15",
                     versionStartIncluding: "6.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E417AB31-3C1E-47C9-941B-36026B4379E8",
                     versionEndIncluding: "6.2.11",
                     versionStartIncluding: "6.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF6F9869-F824-4519-986E-A032668EA7BA",
                     versionEndIncluding: "6.4.10",
                     versionStartIncluding: "6.4.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE466DB5-F176-45E6-B017-A658A0B74836",
                     versionEndIncluding: "7.0.6",
                     versionStartIncluding: "7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B9B87A2A-4C83-448B-8009-AD20214D58CB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64.",
      },
      {
         lang: "es",
         value: "Una verificación insuficiente de la vulnerabilidad de autenticidad de datos [CWE-345] en los motores FortiClient, FortiMail y FortiOS AV versión 6.2.168 e inferiores y la versión 6.4.274 e inferiores puede permitir a un atacante eludir el motor AV mediante la manipulación del archivo adjunto MIME con basura y pad. caracteres en base64.",
      },
   ],
   id: "CVE-2022-26122",
   lastModified: "2024-11-21T06:53:28.560",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 4.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 1.4,
            source: "psirt@fortinet.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-11-02T12:15:52.747",
   references: [
      {
         source: "psirt@fortinet.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://fortiguard.com/psirt/FG-IR-22-074",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://fortiguard.com/psirt/FG-IR-22-074",
      },
   ],
   sourceIdentifier: "psirt@fortinet.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-345",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}