← Voltar para CVEs
CVE-2021-22125
MEDIUM6.3
Descricao
An instance of improper neutralization of special elements in the sniffer module of FortiSandbox before 3.2.2 may allow an authenticated administrator to execute commands on the underlying system's shell via altering the content of its configuration file.
Detalhes CVE
Pontuacao CVSS v3.16.3
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
Vetor de ataqueADJACENT_NETWORK
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado7/20/2021
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
fortinet:fortisandbox
Fraquezas (CWE)
CWE-78
Referencias
https://fortiguard.com/advisory/FG-IR-21-005(psirt@fortinet.com)
https://fortiguard.com/advisory/FG-IR-21-005(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.