CVE-2022-27487

Name of the Vulnerable Software and Affected Versions FortiSandbox versions 4.2.0 through 4.2.2 FortiSandbox versions 4.0.0 through 4.0.2 FortiSandbox versions prior to 3.2.3 FortiDeceptor version 4.1.0 FortiDeceptor versions 4.0.0 through 4.0.2 FortiDeceptor versions prior to 3.3.3

Description The issue is related to improper privilege management in Fortinet FortiSandbox and FortiDeceptor. This can allow a remote authenticated attacker to perform unauthorized API calls via specially crafted HTTP or HTTPS requests.

Recommendations For FortiSandbox versions 4.2.0 through 4.2.2, update to a version outside of this range to resolve the issue. For FortiSandbox versions 4.0.0 through 4.0.2, update to a version outside of this range to resolve the issue. For FortiSandbox versions prior to 3.2.3, update to version 3.2.3 or later to resolve the issue. For FortiDeceptor version 4.1.0, update to a version outside of this range to resolve the issue. For FortiDeceptor versions 4.0.0 through 4.0.2, update to a version outside of this range to resolve the issue. For FortiDeceptor versions prior to 3.3.3, update to version 3.3.3 or later to resolve the issue. As a temporary workaround, consider restricting access to API endpoints to minimize the risk of exploitation.