1. 主页
  2. 保安警报
  3. 保安警报 (A23-04-07)

保安警报 (A23-04-07): Fortinet 产品多个漏洞


 

发布日期: 2023年 4月 12日

  
  

描述:

Fortinet 发布了安全公告,以应对 Fortinet 产品的多个漏洞。攻击者可以向受影响的系统传送特制的请求,从而攻击这些漏洞。

 

受影响的系统:

  • FortiADC
  • FortiAnalyzer
  • FortiAuthenticator
  • FortiClient
  • FortiDDoS
  • FortiDeceptor
  • FortiGate
  • FortiManager
  • FortiNAC
  • FortiOS
  • FortiPresence
  • FortiProxy
  • FortiSandbox
  • FortiSIEM
  • FortiSOAR
  • FortiWeb

有关受影响产品的详细资料,请参阅供应商网站的相应保安建议中有关 “Affected Products” 的部分。

 

影响:

成功利用漏洞可以在受影响的系统上导致远端执行程式码、插入任意指令码、泄漏资讯、权限提升、绕过保安限制、仿冒诈骗或篡改,视乎攻击者利用哪个漏洞而定。

 

建议:

现已有适用于受影响系统的软件更新。受影响系统的管理员应遵从产品供应商的建议,立即採取行动以降低风险。

 

进一步资讯:

  • https://www.fortiguard.com/psirt/FG-IR-22-050
  • https://www.fortiguard.com/psirt/FG-IR-22-056
  • https://www.fortiguard.com/psirt/FG-IR-22-060
  • https://www.fortiguard.com/psirt/FG-IR-22-186
  • https://www.fortiguard.com/psirt/FG-IR-22-275
  • https://www.fortiguard.com/psirt/FG-IR-22-320
  • https://www.fortiguard.com/psirt/FG-IR-22-335
  • https://www.fortiguard.com/psirt/FG-IR-22-336
  • https://www.fortiguard.com/psirt/FG-IR-22-355
  • https://www.fortiguard.com/psirt/FG-IR-22-363
  • https://www.fortiguard.com/psirt/FG-IR-22-381
  • https://www.fortiguard.com/psirt/FG-IR-22-409
  • https://www.fortiguard.com/psirt/FG-IR-22-428
  • https://www.fortiguard.com/psirt/FG-IR-22-429
  • https://www.fortiguard.com/psirt/FG-IR-22-432
  • https://www.fortiguard.com/psirt/FG-IR-22-439
  • https://www.fortiguard.com/psirt/FG-IR-22-444
  • https://www.fortiguard.com/psirt/FG-IR-22-479
  • https://www.fortiguard.com/psirt/FG-IR-22-481
  • https://www.fortiguard.com/psirt/FG-IR-22-502
  • https://www.fortiguard.com/psirt/FG-IR-23-051
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0847
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27485
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27487
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35850
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40679
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40682
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41330 (to CVE-2022-41331)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42469 (to CVE-2022-42470)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42477
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43946 (to CVE-2022-43948)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43951 (to CVE-2022-43952)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43955
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22635
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22641 (to CVE-2023-22642)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27995


标签 : Fortinet , FortiADC , FortiAnalyzer , FortiAuthenticator , FortiClient , FortiDDoS , FortiDeceptor , FortiGate , FortiManager , FortiNAC , FortiOS , FortiPresence , FortiProxy , FortiSandbox , FortiSIEM , FortiSOAR , FortiWeb
标签