{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-48893",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-14T15:16:52.295434Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-14T20:57:27.993Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortisoar:7.3.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.2.1:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiSOAR",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.3.3",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.2",
              "status": "affected",
              "version": "7.2.1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiSOAR 7.3.0 through 7.3.3, 7.2.1 through 7.2.2 may allow an authenticated attacker to perform a stored cross site scripting (XSS) attack via the creation of malicious playbook."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "Execute unauthorized code or commands",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-14T14:08:29.839Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-405",
          "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-405"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiSOAR version 7.4.0 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2024-48893",
    "datePublished": "2025-01-14T14:08:29.839Z",
    "dateReserved": "2024-10-09T09:03:09.963Z",
    "dateUpdated": "2025-01-14T20:57:27.993Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T12:23:30.814Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://fortiguard.com/psirt/FG-IR-23-051",
            "tags": [
              "x_transferred"
            ],
            "url": "https://fortiguard.com/psirt/FG-IR-23-051"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-27995",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T14:11:23.807257Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-23T14:30:21.861Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "FortiSOAR",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.3.1",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A improper neutralization of special elements used in a template engine vulnerability in Fortinet FortiSOAR 7.3.0 through 7.3.1 allows an authenticated, remote attacker to execute arbitrary code via a crafted payload."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1336",
              "description": "Information disclosure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-11T16:05:43.728Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.com/psirt/FG-IR-23-051",
          "url": "https://fortiguard.com/psirt/FG-IR-23-051"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiSOAR version 8.0.0 or above Please upgrade to FortiSOAR version 7.3.2 or above Please upgrade to FortiSOAR version 7.2.3 or above Please upgrade to FortiSOAR version 7.0.4 or above Please upgrade to FortiSOAR version 6.6.0 or above Please upgrade to FortiSOAR version 6.4.5 or above "
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2023-27995",
    "datePublished": "2023-04-11T16:05:43.728Z",
    "dateReserved": "2023-03-09T10:09:33.119Z",
    "dateUpdated": "2024-10-23T14:30:21.861Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-23439",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-22T14:21:27.552014Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-22T14:21:36.714Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [],
          "defaultStatus": "unaffected",
          "product": "FortiTester",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.2.1",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.1.1",
              "status": "affected",
              "version": "7.1.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "lessThanOrEqual": "4.2.1",
              "status": "affected",
              "version": "4.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.1.1",
              "status": "affected",
              "version": "4.1.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "4.0.0"
            },
            {
              "lessThanOrEqual": "3.9.2",
              "status": "affected",
              "version": "3.9.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "3.8.0"
            },
            {
              "lessThanOrEqual": "3.7.1",
              "status": "affected",
              "version": "3.7.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "3.6.0"
            },
            {
              "lessThanOrEqual": "3.5.1",
              "status": "affected",
              "version": "3.5.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "3.4.0"
            },
            {
              "lessThanOrEqual": "3.3.1",
              "status": "affected",
              "version": "3.3.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.2.16:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.18:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortios:6.4.*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiOS",
          "vendor": "Fortinet",
          "versions": [
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "lessThanOrEqual": "7.0.5",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.15",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.16",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.18",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "6.4.*",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortimail:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.4.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.2.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.0.12:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.0.11:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.0.10:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.0.9:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.0.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.0.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:6.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:5.4.12:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:5.4.11:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:5.4.10:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:5.4.9:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:5.4.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:5.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:5.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:5.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:5.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:5.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:5.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:5.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:5.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortimail:7.2.*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiMail",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.0.3",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.8",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.9",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.12",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.12",
              "status": "affected",
              "version": "5.4.0",
              "versionType": "semver"
            },
            {
              "lessThan": "7.2.*",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortiswitch:7.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:7.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.10:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.9:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.2.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.0.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiswitch:6.0.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiSwitch",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.0.4",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.10",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.8",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.7",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:fortinet:fortiddos-f:6.3.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos-f:6.3.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos-f:6.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos-f:6.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos-f:6.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos-f:6.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos-f:6.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos-f:6.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos-f:6.1.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos-f:6.1.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos-f:6.1.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos-f:6.1.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos-f:6.1.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos-f:6.1.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiDDoS-F",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "6.3.3",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.3",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.5",
              "status": "affected",
              "version": "6.1.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [],
          "defaultStatus": "unaffected",
          "product": "FortiProxy",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.0.4",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "2.0.14",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "1.2.13",
              "status": "affected",
              "version": "1.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "1.1.6",
              "status": "affected",
              "version": "1.1.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "1.0.7",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.0.10:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.0.9:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.0.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.0.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:6.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:2.7.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:2.7.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:2.7.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:2.7.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:2.7.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:2.7.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:2.7.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:2.7.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:2.6.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:2.6.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:2.6.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortirecorder:2.6.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiRecorder",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "6.4.2",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.10",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "2.7.7",
              "status": "affected",
              "version": "2.7.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "2.6.3",
              "status": "affected",
              "version": "2.6.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [],
          "defaultStatus": "unaffected",
          "product": "FortiNDR",
          "vendor": "Fortinet",
          "versions": [
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "lessThanOrEqual": "7.0.6",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "1.5.3",
              "status": "affected",
              "version": "1.5.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "1.4.0"
            },
            {
              "lessThanOrEqual": "1.3.1",
              "status": "affected",
              "version": "1.3.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "1.2.0"
            },
            {
              "status": "affected",
              "version": "1.1.0"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:h:fortinet:fortiadc:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:7.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:6.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:6.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:6.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:6.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:6.1.6:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:6.1.5:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:6.1.4:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:6.1.3:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:6.1.2:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:6.1.1:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:6.1.0:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:6.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:6.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:6.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:6.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:6.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.3.7:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.3.6:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.3.5:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.3.4:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.3.3:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.3.2:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.2.7:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.1.7:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.1.6:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.1.5:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.1.4:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.1.3:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.1.2:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.1.1:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.1.0:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:h:fortinet:fortiadc:5.0.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiADC",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.0.1",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.3",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.6",
              "status": "affected",
              "version": "6.1.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.4",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.5",
              "status": "affected",
              "version": "5.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.3.7",
              "status": "affected",
              "version": "5.3.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.2.8",
              "status": "affected",
              "version": "5.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.1.7",
              "status": "affected",
              "version": "5.1.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.0.4",
              "status": "affected",
              "version": "5.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.2.13:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.2.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.2.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.2.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.2.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortimanager:6.2.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiManager",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.4.3",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.9",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.13",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.15",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.13",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortisoar:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:6.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:6.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:6.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:6.4.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiSOAR",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.2.2",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.3",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.4",
              "status": "affected",
              "version": "6.4.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.1",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.0.11:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiVoice",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.0.1",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.8",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.11",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:fortinet:fortiddos:5.5.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos:5.5.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos:5.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos:5.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos:5.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos:5.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos:5.3.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos:5.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos:5.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos:5.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos:5.1.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos:5.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos:4.7.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos:4.6.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortiddos:4.5.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiDDoS",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "5.5.1",
              "status": "affected",
              "version": "5.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.3",
              "status": "affected",
              "version": "5.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.3.2",
              "status": "affected",
              "version": "5.3.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "5.2.0"
            },
            {
              "status": "affected",
              "version": "5.1.0"
            },
            {
              "status": "affected",
              "version": "5.0.0"
            },
            {
              "status": "affected",
              "version": "4.7.0"
            },
            {
              "status": "affected",
              "version": "4.6.0"
            },
            {
              "status": "affected",
              "version": "4.5.0"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortiwlc:8.6.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.6.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.6.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.6.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.6.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.6.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.6.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.6.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.5.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.5.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.5.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.5.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.5.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.5.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.4.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiwlc:8.4.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiWLC",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "8.6.7",
              "status": "affected",
              "version": "8.6.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.5.5",
              "status": "affected",
              "version": "8.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.4.8",
              "status": "affected",
              "version": "8.4.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.4.2",
              "status": "affected",
              "version": "8.4.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.15:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.2.13:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.2.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.2.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.2.10:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.2.7:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:fortinet:fortianalyzer:6.2.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiAnalyzer",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.4.2",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.9",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.13",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.15",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.13",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [],
          "defaultStatus": "unaffected",
          "product": "FortiPortal",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "6.0.9",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortiauthenticator:6.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.3.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.3.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.1.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.1.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.1.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.1.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.0.8:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.0.7:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.0.6:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.0.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.0.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:6.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:5.5.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:5.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:5.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:5.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:5.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:5.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:5.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:5.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:5.1.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:5.1.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortiauthenticator:5.1.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiAuthenticator",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "6.4.1",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.3.3",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.2",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.3",
              "status": "affected",
              "version": "6.1.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.8",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "5.5.0"
            },
            {
              "lessThanOrEqual": "5.4.1",
              "status": "affected",
              "version": "5.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.3.1",
              "status": "affected",
              "version": "5.3.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.2.2",
              "status": "affected",
              "version": "5.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.1.2",
              "status": "affected",
              "version": "5.1.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A externally controlled reference to a resource in another sphere in Fortinet FortiManager before version 7.4.3, FortiMail before version 7.0.3, FortiAnalyzer before version 7.4.3, FortiVoice version 7.0.0, 7.0.1 and before 6.4.8, FortiProxy before version 7.0.4, FortiRecorder version 6.4.0 through 6.4.2 and before 6.0.10, FortiAuthenticator version 6.4.0 through 6.4.1 and before 6.3.3, FortiNDR version 7.2.0 before 7.1.0, FortiWLC before version 8.6.4, FortiPortal before version 6.0.9, FortiOS version 7.2.0 and before 7.0.5, FortiADC version 7.0.0 through 7.0.1 and before 6.2.3 , FortiDDoS before version 5.5.1, FortiDDoS-F before version 6.3.3, FortiTester before version 7.2.1, FortiSOAR before version 7.2.2 and FortiSwitch before version 6.3.3 allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-610",
              "description": "Improper access control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-22T09:10:28.669Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.com/psirt/FG-IR-21-254",
          "url": "https://fortiguard.com/psirt/FG-IR-21-254"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "FortiOS\nAdministrative Interface\nPlease upgrade to FortiOS version 7.0.6 and above,\nPlease upgrade to FortiOS version 7.2.1 and above.\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\nconfig system global\n\u00a0 \u00a0 set admin-host  \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\"\n\nSSLVPN interface\nPlease upgrade to FortiOS version 7.4.0 or above\nPlease upgrade to FortiOS version 7.2.5 or above\nAND\nSet the `server-hostname` property to the device hostname, which will disable `Host redirection` for SSL VPN:\nconfig vpn ssl settings\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0set server-hostname Server hostname for HTTPS. When set, will be used for SSL VPN web proxy host header for any redirection.\n\nWebfilter interface (port 8008)\nPlease upgrade to FortiOS version 7.4.0 or above\nPlease upgrade to FortiOS version 7.2.5 or above\nPlease upgrade to FortiOS version 7.0.12 or above\nPlease upgrade to FortiOS version 6.4.13 or above\n\nFortiProxy\nAdministrative Interface\nPlease upgrade to FortiProxy version 7.0.5 and above\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\nconfig system global\n\u00a0 \u00a0 set admin-host  \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\"\n\nSSLVPN interface\nPlease upgrade to FortiProxy version 7.4.0 or above\nAND\nSet the `server-hostname` property to the device hostname, which will disable `Host redirection` for SSL VPN:\nconfig vpn ssl settings\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0set server-hostname Server hostname for HTTPS. When set, will be used for SSL VPN web proxy host header for any redirection.\n\nWebFilter\u00a0interface (port 8008)\nPlease upgrade to FortiProxy version 7.4.0 or above\n\nPlease upgrade to FortiRecorder version 7.0.0 or above \nPlease upgrade to FortiRecorder version 6.4.3 or above \nPlease upgrade to FortiRecorder version 6.0.11 or above \nPlease upgrade to FortiNDR version 7.4.0 or above\n\nFortiNDR\nPlease upgrade to FortiNDR version 7.2.1 or above\nPlease upgrade to FortiNDR version 7.1.1 or above\nAND\nSet the `https-redirect-host` property to the device hostname, which will disable `Host redirection`:\nconfig system global\n\u00a0 \u00a0 set https-redirect-host  \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\"\nend\n\nFortiADC\nPlease upgrade to FortiADC version 7.1.0 or above\nPlease upgrade to FortiADC version 7.0.2 or above\nPlease upgrade to FortiADC version 6.2.4 or above\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\n\u00a0 config system global\n\u00a0 \u00a0 set admin-host  \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\"\n\nFortiDDOS-F\nPlease upgrade to FortiDDoS-F version 6.4.0 or above\nPlease upgrade to FortiDDoS-F version 6.3.4 or above\nAND\nSet the `admin-host` property to the device hostname, which will disable `Host redirection`:\n\u00a0 config system global\n\u00a0 \u00a0 set admin-host  \"Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client\u0027s Host header for any redirection\" \n\nPlease upgrade to FortiSwitch version 7.2.0 or above \nPlease upgrade to FortiSwitch version 7.0.5 or above \nPlease upgrade to FortiSwitch version 6.4.11 or above \nPlease upgrade to FortiVoice version 7.0.2 or above\nPlease upgrade to FortiVoice version 6.4.9 or above\nPlease upgrade to FortiMail version 7.2.0 or above \nPlease upgrade to FortiMail version 7.0.4 or above \nPlease upgrade to FortiWLC version 8.6.7 or above \nPlease upgrade to FortiAuthenticator version 6.4.2 or above \nPlease upgrade to FortiAuthenticator version 6.3.4 or above \nPlease upgrade to FortiDDoS version 5.6.0 or above \nPlease upgrade to FortiDDoS version 5.5.2 or above \nPlease upgrade to FortiSOAR version 7.3.0 or above \nPlease upgrade to FortiTester version 7.3.0 or above \nPlease upgrade to FortiTester version 7.2.2 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2022-23439",
    "datePublished": "2025-01-22T09:10:28.669Z",
    "dateReserved": "2022-01-19T07:38:03.512Z",
    "dateUpdated": "2025-01-22T14:21:36.714Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:25:19.310Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://fortiguard.com/psirt/FG-IR-23-050",
            "tags": [
              "x_transferred"
            ],
            "url": "https://fortiguard.com/psirt/FG-IR-23-050"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-25605",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T14:15:43.971677Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-23T14:31:53.263Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "FortiSOAR",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.3.1",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A improper access control vulnerability in Fortinet FortiSOAR 7.3.0 - 7.3.1 allows an attacker authenticated on the administrative interface to perform unauthorized actions via crafted HTTP requests."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:X/RL:X/RC:X",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "Improper access control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-07T16:04:34.059Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.com/psirt/FG-IR-23-050",
          "url": "https://fortiguard.com/psirt/FG-IR-23-050"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiSOAR version 7.3.2 or above "
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2023-25605",
    "datePublished": "2023-03-07T16:04:34.059Z",
    "dateReserved": "2023-02-08T13:42:03.366Z",
    "dateUpdated": "2024-10-23T14:31:53.263Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-47572",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-14T14:25:14.521485Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-18T21:36:45.163Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortisoar:7.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.2.1:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiSOAR",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.4.1",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.3.2",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.2",
              "status": "affected",
              "version": "7.2.1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper neutralization of formula elements in a csv file in Fortinet FortiSOAR 7.2.1 through 7.4.1 allows attacker to execute unauthorized code or commands via manipulating csv file"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1236",
              "description": "Execute unauthorized code or commands",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-14T14:09:59.359Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-210",
          "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-210"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiSOAR version 7.4.2 or above \nPlease upgrade to FortiSOAR version 7.3.3 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2024-47572",
    "datePublished": "2025-01-14T14:09:59.359Z",
    "dateReserved": "2024-09-27T16:19:24.136Z",
    "dateUpdated": "2025-02-18T21:36:45.163Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-48892",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-13T19:54:21.184423Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-13T20:13:21.451Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortisoar:7.6.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.5.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.5.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiSOAR",
          "vendor": "Fortinet",
          "versions": [
            {
              "status": "affected",
              "version": "7.6.0"
            },
            {
              "lessThanOrEqual": "7.5.1",
              "status": "affected",
              "version": "7.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.4.5",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.3.3",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A relative path traversal vulnerability [CWE-23] in FortiSOAR 7.6.0, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an authenticated attacker to read arbitrary files via uploading a malicious solution pack."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N/E:P/RL:X/RC:C",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-23",
              "description": "Information disclosure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T19:00:07.291Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-421",
          "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-421"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiSOAR version 7.6.1 or above \nPlease upgrade to FortiSOAR version 7.5.2 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2024-48892",
    "datePublished": "2025-08-12T19:00:07.291Z",
    "dateReserved": "2024-10-09T09:03:09.962Z",
    "dateUpdated": "2025-08-13T20:13:21.451Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:54:03.724Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://fortiguard.com/psirt/FG-IR-22-220",
            "tags": [
              "x_transferred"
            ],
            "url": "https://fortiguard.com/psirt/FG-IR-22-220"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-38379",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-22T20:18:51.343015Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-22T20:51:29.381Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "FortiSOAR",
          "vendor": "Fortinet",
          "versions": [
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "lessThanOrEqual": "7.0.3",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper neutralization of input during web page generation [CWE-79] in FortiSOAR 7.0.0 through 7.0.3 and 7.2.0 may allow an authenticated attacker to inject HTML tags via input fields of various components within FortiSOAR."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.4,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:F/RL:X/RC:X",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "Execute unauthorized code or commands",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-12-06T16:00:58.746Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.com/psirt/FG-IR-22-220",
          "url": "https://fortiguard.com/psirt/FG-IR-22-220"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiSOAR version 7.2.1 or above "
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2022-38379",
    "datePublished": "2022-12-06T16:00:58.746Z",
    "dateReserved": "2022-08-16T14:17:48.481Z",
    "dateUpdated": "2024-10-22T20:51:29.381Z",
    "requesterUserId": "a0475cc0-be89-4a25-97b3-d1b8023a8677",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-26211",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-13T15:59:48.473867Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-13T16:00:04.582Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "FortiSOAR",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.3.2",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.2",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.3",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.4",
              "status": "affected",
              "version": "6.4.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.1",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) in Fortinet FortiSOAR 7.3.0 through 7.3.2 allows an authenticated, remote attacker to inject arbitrary web script or HTML via the Communications module."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:X/RC:X",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "Execute unauthorized code or commands",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-13T15:51:56.864Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.com/psirt/FG-IR-23-088",
          "url": "https://fortiguard.com/psirt/FG-IR-23-088"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiSOAR version 7.5.0 or above \nPlease upgrade to FortiSOAR version 7.4.1 or above \nPlease upgrade to FortiSOAR version 7.3.3 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2023-26211",
    "datePublished": "2024-08-13T15:51:56.864Z",
    "dateReserved": "2023-02-20T15:09:20.637Z",
    "dateUpdated": "2024-08-13T16:00:04.582Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21760",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-18T14:14:53.853979Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-18T14:15:03.959Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortisoar:7.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:6.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:6.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:6.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:6.4.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiSOAR",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.4.5",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.3.3",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.2",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.3",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.4",
              "status": "affected",
              "version": "6.4.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.1",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper control of generation of code (\u0027Code Injection\u0027) vulnerability [CWE-94]\u00a0in\u00a0FortiSOAR Connector FortiSOAR 7.4 all versions, 7.3 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow\u00a0an authenticated attacker\u00a0to execute arbitrary code on the host via a playbook code snippet."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:U/RL:X/RC:X",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "Execute unauthorized code or commands",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-03-18T13:56:44.525Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.fortinet.com/psirt/FG-IR-23-420",
          "url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-420"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiSOAR version 7.5.0 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2024-21760",
    "datePublished": "2025-03-18T13:56:44.525Z",
    "dateReserved": "2024-01-02T10:15:00.527Z",
    "dateUpdated": "2025-03-18T14:15:03.959Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45327",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-11T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-12T03:55:24.954Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortisoar:7.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiSOAR",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.4.3",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.3.2",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.2",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.3",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper authorization vulnerability [CWE-285] in FortiSOAR version 7.4.0 through 7.4.3, 7.3.0 through 7.3.2, 7.2.0 through 7.2.2, 7.0.0 through 7.0.3 change password endpoint may allow an authenticated attacker to perform a brute force attack on users and administrators password via crafted HTTP requests."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-307",
              "description": "Improper access control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-11T09:53:46.087Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-048",
          "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-048"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiSOAR version 7.5.0 or above \nPlease upgrade to FortiSOAR version 7.4.4 or above \nPlease upgrade to FortiSOAR version 7.3.3 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2024-45327",
    "datePublished": "2024-09-11T09:53:46.087Z",
    "dateReserved": "2024-08-27T06:43:07.250Z",
    "dateUpdated": "2024-09-12T03:55:24.954Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36510",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-15T14:50:55.718822Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-15T14:51:13.708Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [],
          "defaultStatus": "unaffected",
          "product": "FortiClientEMS",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.2.4",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.13",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortisoar:7.5.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:6.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:6.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:6.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:6.4.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiSOAR",
          "vendor": "Fortinet",
          "versions": [
            {
              "status": "affected",
              "version": "7.5.0"
            },
            {
              "lessThanOrEqual": "7.4.4",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.3.2",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.2",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.3",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.4",
              "status": "affected",
              "version": "6.4.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.1",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, and FortiSOAR 7.5.0, 7.4.0 through 7.4.4, 7.3.0 through 7.3.2, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to enumerate valid users via observing login request responses."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:X/RC:X",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-204",
              "description": "Information disclosure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-14T14:09:49.286Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-071",
          "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-071"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiClientEMS version 7.4.1 or above \nPlease upgrade to FortiClientEMS version 7.2.5 or above \nPlease upgrade to FortiSOAR version 7.6.0 or above \nPlease upgrade to FortiSOAR version 7.5.1 or above \nPlease upgrade to FortiSOAR version 7.4.5 or above \nPlease upgrade to FortiSOAR version 7.3.3 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2024-36510",
    "datePublished": "2025-01-14T14:09:49.286Z",
    "dateReserved": "2024-05-29T08:44:50.760Z",
    "dateUpdated": "2025-01-15T14:51:13.708Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32932",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-13T19:54:23.450724Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-13T20:13:36.224Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortisoar:7.6.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.6.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.5.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.5.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:7.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:6.4.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:6.4.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:6.4.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:fortinet:fortisoar:6.4.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiSOAR",
          "vendor": "Fortinet",
          "versions": [
            {
              "lessThanOrEqual": "7.6.1",
              "status": "affected",
              "version": "7.6.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.5.1",
              "status": "affected",
              "version": "7.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.4.5",
              "status": "affected",
              "version": "7.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.3.3",
              "status": "affected",
              "version": "7.3.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.2.2",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.3",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.4",
              "status": "affected",
              "version": "6.4.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.1",
              "status": "affected",
              "version": "6.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) vulnerability [CWE-79] in FortiSOAR version 7.6.1 and below, version 7.5.1 and below, 7.4 all versions, 7.3 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions WEB UI may allow an authenticated remote attacker to perform an XSS attack via stored malicious service requests"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N/E:P/RL:U/RC:C",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "Execute unauthorized code or commands",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T19:00:01.506Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-513",
          "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-513"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiSOAR version 7.6.2 or above \nPlease upgrade to FortiSOAR version 7.5.2 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2025-32932",
    "datePublished": "2025-08-12T19:00:01.506Z",
    "dateReserved": "2025-04-14T20:15:17.185Z",
    "dateUpdated": "2025-08-13T20:13:36.224Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-48890",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-15T14:54:48.634044Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-15T14:55:00.652Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:fortinet:fortisoar:7.5.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "FortiSOAR",
          "vendor": "Fortinet",
          "versions": [
            {
              "status": "affected",
              "version": "7.5.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027) vulnerability [CWE-78] in FortiSOAR IMAP connector version 3.5.7 and below may allow an authenticated attacker to execute unauthorized code or commands via a specifically crafted playbook"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L/E:P/RL:X/RC:C",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "Execute unauthorized code or commands",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-14T14:09:50.944Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-415",
          "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-415"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiSOAR version 7.5.1 or above"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2024-48890",
    "datePublished": "2025-01-14T14:09:50.944Z",
    "dateReserved": "2024-10-09T09:03:09.962Z",
    "dateUpdated": "2025-01-15T14:55:00.652Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-31493",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-03T14:10:28.453232Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:36:40.737Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T01:52:57.311Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-052",
            "tags": [
              "x_transferred"
            ],
            "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-052"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "FortiSOAR",
          "vendor": "Fortinet",
          "versions": [
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "lessThanOrEqual": "7.2.2",
              "status": "affected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.3",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper removal of sensitive information before storage or transfer vulnerability [CWE-212] in FortiSOAR version 7.3.0, version 7.2.2 and below, version 7.0.3 and below may allow an authenticated low privileged user to read Connector passwords in plain-text via HTTP responses."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:X/RC:X",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-212",
              "description": "Information disclosure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-03T07:55:29.476Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.fortinet.com/psirt/FG-IR-24-052",
          "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-052"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiSOAR version 7.3.1 or above \n"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2024-31493",
    "datePublished": "2024-06-03T07:55:29.476Z",
    "dateReserved": "2024-04-04T12:52:41.586Z",
    "dateUpdated": "2024-08-02T01:52:57.311Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-23775",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T18:46:02.668574Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T18:46:10.782Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:42:26.252Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://fortiguard.com/psirt/FG-IR-22-448",
            "tags": [
              "x_transferred"
            ],
            "url": "https://fortiguard.com/psirt/FG-IR-22-448"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "FortiSOAR",
          "vendor": "Fortinet",
          "versions": [
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "lessThanOrEqual": "7.0.3",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple improper neutralization of special elements used in\u00a0SQL commands (\u0027SQL Injection\u0027) vulnerabilities [CWE-89] in FortiSOAR\u00a07.2.0 and before 7.0.3 may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted strings parameters."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "Execute unauthorized code or commands",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-11T14:32:00.651Z",
        "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "shortName": "fortinet"
      },
      "references": [
        {
          "name": "https://fortiguard.com/psirt/FG-IR-22-448",
          "url": "https://fortiguard.com/psirt/FG-IR-22-448"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiSOAR version 7.2.1 or above \n"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
    "assignerShortName": "fortinet",
    "cveId": "CVE-2023-23775",
    "datePublished": "2024-06-11T14:32:00.651Z",
    "dateReserved": "2023-01-18T08:30:21.306Z",
    "dateUpdated": "2024-08-02T10:42:26.252Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}