PT-2022-8912 · Fortinet · Fortisandbox

Published

2022-04-06

Updated

2022-04-13

CVE-2020-29013

CVSS v2.0

5.5

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions FortiSandbox versions prior to 3.2.2

Description An improper input validation issue in the sniffer interface may allow an authenticated attacker to silently halt the sniffer via specifically crafted requests.

Recommendations For versions prior to 3.2.2, update to version 3.2.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the sniffer interface to minimize the risk of exploitation.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2020-29013

Affected Products

Fortisandbox

PT-2022-8912 · Fortinet · Fortisandbox

CVE-2020-29013

Weakness Enumeration

Related Identifiers

Affected Products

References · 5