CVE-2023-25608 - Vulnerability Details - OpenCVE

An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all versions; FortiAP 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4 all versions, 6.0 all versions; FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to read arbitrary files via specially crafted command arguments.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Fortinet	Fortiap Fortiap-c Fortiap-u Fortiap-w2

Configuration 1 [-]

OR	cpe:2.3:a:fortinet:fortiap::::::::
	cpe:2.3:a:fortinet:fortiap::::::::
	cpe:2.3:a:fortinet:fortiap-c::::::::
	cpe:2.3:a:fortinet:fortiap-u::::::::
	cpe:2.3:a:fortinet:fortiap-u:7.0.0:::::::*
	cpe:2.3:a:fortinet:fortiap-w2::::::::
	cpe:2.3:a:fortinet:fortiap-w2::::::::
	cpe:2.3:a:fortinet:fortiap-w2::::::::

No data.

References

Link	Providers
https://fortiguard.com/psirt/FG-IR-22-120

History

Tue, 24 Sep 2024 20:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-09-13T12:28:51.497Z

Updated: 2024-09-24T20:00:10.726Z

Reserved: 2023-02-08T13:42:03.367Z

Link: CVE-2023-25608

Vulnrichment

Updated: 2024-08-02T11:25:19.383Z

NVD

Status : Modified

Published: 2023-09-13T13:15:08.040

Modified: 2024-11-21T07:49:49.420

Link: CVE-2023-25608

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-25608", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2023-02-08T13:42:03.367Z", "datePublished": "2023-09-13T12:28:51.497Z", "dateUpdated": "2024-09-24T20:00:10.726Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiAP-W2", "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.1", "status": "affected"}, {"versionType": "semver", "version": "7.0.3", "lessThanOrEqual": "7.0.5", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.1", "status": "affected"}, {"versionType": "semver", "version": "6.4.0", "lessThanOrEqual": "6.4.9", "status": "affected"}, {"versionType": "semver", "version": "6.2.0", "lessThanOrEqual": "6.2.6", "status": "affected"}, {"versionType": "semver", "version": "6.0.0", "lessThanOrEqual": "6.0.6", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiAP-C", "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "5.4.0", "lessThanOrEqual": "5.4.4", "status": "affected"}, {"versionType": "semver", "version": "5.2.0", "lessThanOrEqual": "5.2.1", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiAP", "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.1", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.5", "status": "affected"}, {"versionType": "semver", "version": "6.4.3", "lessThanOrEqual": "6.4.9", "status": "affected"}, {"versionType": "semver", "version": "6.0.0", "lessThanOrEqual": "6.0.6", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiAP-U", "defaultStatus": "unaffected", "versions": [{"version": "7.0.0", "status": "affected"}, {"versionType": "semver", "version": "6.2.0", "lessThanOrEqual": "6.2.5", "status": "affected"}, {"versionType": "semver", "version": "6.0.0", "lessThanOrEqual": "6.0.4", "status": "affected"}, {"versionType": "semver", "version": "5.4.3", "lessThanOrEqual": "5.4.6", "status": "affected"}, {"version": "5.4.0", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiAP-S", "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "6.4.0", "lessThanOrEqual": "6.4.9", "status": "affected"}, {"versionType": "semver", "version": "6.2.0", "lessThanOrEqual": "6.2.6", "status": "affected"}, {"versionType": "semver", "version": "6.0.0", "lessThanOrEqual": "6.0.6", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all versions; FortiAP 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4 all versions, 6.0 all versions; FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to read arbitrary files via specially crafted command arguments."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2023-09-13T12:28:51.497Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-792", "description": "Information disclosure", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C"}}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiAP-W2 version 7.2.2 or above Please upgrade to FortiAP-W2 version 7.0.6 or above Please upgrade to FortiAP-C version 5.4.5 or above Please upgrade to FortiAP version 7.2.2 or above Please upgrade to FortiAP version 7.0.6 or above Please upgrade to FortiAP-U version 7.0.1 or above Please upgrade to FortiAP-U version 6.2.6 or above "}], "references": [{"name": "https://fortiguard.com/psirt/FG-IR-22-120", "url": "https://fortiguard.com/psirt/FG-IR-22-120"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T11:25:19.383Z"}, "title": "CVE Program Container", "references": [{"name": "https://fortiguard.com/psirt/FG-IR-22-120", "url": "https://fortiguard.com/psirt/FG-IR-22-120", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-24T19:45:36.151614Z", "id": "CVE-2023-25608", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-24T20:00:10.726Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://fortiguard.com/psirt/FG-IR-22-120", "name": "https://fortiguard.com/psirt/FG-IR-22-120", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T11:25:19.383Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-25608", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-24T19:45:36.151614Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-24T20:00:03.921Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Fortinet", "product": "FortiAP-W2", "versions": [{"status": "affected", "version": "7.2.0", "versionType": "semver", "lessThanOrEqual": "7.2.1"}, {"status": "affected", "version": "7.0.3", "versionType": "semver", "lessThanOrEqual": "7.0.5"}, {"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.0.1"}, {"status": "affected", "version": "6.4.0", "versionType": "semver", "lessThanOrEqual": "6.4.9"}, {"status": "affected", "version": "6.2.0", "versionType": "semver", "lessThanOrEqual": "6.2.6"}, {"status": "affected", "version": "6.0.0", "versionType": "semver", "lessThanOrEqual": "6.0.6"}], "defaultStatus": "unaffected"}, {"vendor": "Fortinet", "product": "FortiAP-C", "versions": [{"status": "affected", "version": "5.4.0", "versionType": "semver", "lessThanOrEqual": "5.4.4"}, {"status": "affected", "version": "5.2.0", "versionType": "semver", "lessThanOrEqual": "5.2.1"}], "defaultStatus": "unaffected"}, {"vendor": "Fortinet", "product": "FortiAP", "versions": [{"status": "affected", "version": "7.2.0", "versionType": "semver", "lessThanOrEqual": "7.2.1"}, {"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.0.5"}, {"status": "affected", "version": "6.4.3", "versionType": "semver", "lessThanOrEqual": "6.4.9"}, {"status": "affected", "version": "6.0.0", "versionType": "semver", "lessThanOrEqual": "6.0.6"}], "defaultStatus": "unaffected"}, {"vendor": "Fortinet", "product": "FortiAP-U", "versions": [{"status": "affected", "version": "7.0.0"}, {"status": "affected", "version": "6.2.0", "versionType": "semver", "lessThanOrEqual": "6.2.5"}, {"status": "affected", "version": "6.0.0", "versionType": "semver", "lessThanOrEqual": "6.0.4"}, {"status": "affected", "version": "5.4.3", "versionType": "semver", "lessThanOrEqual": "5.4.6"}, {"status": "affected", "version": "5.4.0"}], "defaultStatus": "unaffected"}, {"vendor": "Fortinet", "product": "FortiAP-S", "versions": [{"status": "affected", "version": "6.4.0", "versionType": "semver", "lessThanOrEqual": "6.4.9"}, {"status": "affected", "version": "6.2.0", "versionType": "semver", "lessThanOrEqual": "6.2.6"}, {"status": "affected", "version": "6.0.0", "versionType": "semver", "lessThanOrEqual": "6.0.6"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiAP-W2 version 7.2.2 or above Please upgrade to FortiAP-W2 version 7.0.6 or above Please upgrade to FortiAP-C version 5.4.5 or above Please upgrade to FortiAP version 7.2.2 or above Please upgrade to FortiAP version 7.0.6 or above Please upgrade to FortiAP-U version 7.0.1 or above Please upgrade to FortiAP-U version 6.2.6 or above "}], "references": [{"url": "https://fortiguard.com/psirt/FG-IR-22-120", "name": "https://fortiguard.com/psirt/FG-IR-22-120"}], "descriptions": [{"lang": "en", "value": "An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all versions; FortiAP 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4 all versions, 6.0 all versions; FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to read arbitrary files via specially crafted command arguments."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-792", "description": "Information disclosure"}]}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2023-09-13T12:28:51.497Z"}}}, "cveMetadata": {"cveId": "CVE-2023-25608", "state": "PUBLISHED", "dateUpdated": "2024-09-24T20:00:10.726Z", "dateReserved": "2023-02-08T13:42:03.367Z", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "datePublished": "2023-09-13T12:28:51.497Z", "assignerShortName": "fortinet"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiap:*:*:*:*:*:*:*:*", "matchCriteriaId": "B5BE67AF-5DC9-4942-832F-03BEC88CD2B9", "versionEndExcluding": "7.0.6", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiap:*:*:*:*:*:*:*:*", "matchCriteriaId": "41C213D0-356F-425E-A124-5B72A3AEE54D", "versionEndExcluding": "7.2.2", "versionStartIncluding": "7.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiap-c:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E770699-3997-4E61-A4AD-68D102FCA4B3", "versionEndExcluding": "5.4.5", "versionStartIncluding": "5.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiap-u:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D44BE0A-B671-454C-8B6A-56AA4BA70E60", "versionEndExcluding": "6.2.6", "versionStartIncluding": "5.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiap-u:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "743763F2-D4DE-4E9D-B112-7CA27C61A423", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiap-w2:*:*:*:*:*:*:*:*", "matchCriteriaId": "87E0B46B-B76D-4D27-AD6F-E929E362B6E1", "versionEndIncluding": "7.0.1", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiap-w2:*:*:*:*:*:*:*:*", "matchCriteriaId": "B602BCD9-47CF-443C-A759-0B8379777768", "versionEndExcluding": "7.0.6", "versionStartIncluding": "7.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiap-w2:*:*:*:*:*:*:*:*", "matchCriteriaId": "B9D26699-16AD-4752-A088-72CF117C98D0", "versionEndExcluding": "7.2.2", "versionStartIncluding": "7.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all versions; FortiAP 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4 all versions, 6.0 all versions; FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to read arbitrary files via specially crafted command arguments."}, {"lang": "es", "value": "Una vulnerabilidad de filtrado incompleto de una o m\u00e1s instancias de elementos especiales [CWE-792] en el int\u00e9rprete de l\u00ednea de comando de FortiAP-W2 7.2.0 a 7.2.1, 7.0.3 a 7.0.5, 7.0.0 a 7.0.1, 6.4 todas las versiones, 6.2 todas las versiones, 6.0 todas las versiones; FortiAP-C 5.4.0 a 5.4.4, 5.2 todas las versiones; FortiAP 7.2.0 a 7.2.1, 7.0.0 a 7.0.5, 6.4 todas las versiones, 6.0 todas las versiones; FortiAP-U 7.0.0, 6.2.0 a 6.2.5, 6.0 todas las versiones, 5.4 todas las versiones puede permitir que un atacante autenticado lea archivos arbitrarios mediante argumentos de comando especialmente manipulados."}], "id": "CVE-2023-25608", "lastModified": "2024-11-21T07:49:49.420", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "psirt@fortinet.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-09-13T13:15:08.040", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/psirt/FG-IR-22-120"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/psirt/FG-IR-22-120"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-792"}], "source": "psirt@fortinet.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}