Exploit And Vulnerability Intelligence
Vulnerability Intelligence
Leverage the vulnerability intelligence features within VulnCheck Exploit & Vulnerability Intelligence to get the industry's fastest and most comprehensive vulnerability intelligence available and solve the vulnerability prioritization challenge today.
VulnCheck Vulnerability Intelligence service provides vulnerability enrichment, CPE Enrichment, CVSS temporal scores, vulnerability categorization data, and embeds rich exploit intelligence to go well above and beyond what the NIST NVD provides.
VulnCheck Vulnerability Intelligence is an autonomous system that tracks hundreds of vendor and government advisories, and then marries that data with best-in-class exploit intelligence from VulnCheck.
Unlike other vulnerability databases, VulnCheck includes the latest information on a wider range of vulnerabilities, including:
- Vulnerabilities in Open Source packages / dependencies
- Vulnerabilities in ICS/OT, IoMT, IoT, mobile, etc., devices
VulnCheck Exploit & Vulnerability Intelligence also includes unique fields, typically unavailable in other alternative sources, such as:
- Categorization (e.g., ICS/OT, IoMT, IoT, Mobile, Server Software, etc.)
- Faster & Cleaner Common Platform Enumeration(CPE)
- CVSS Temporal Enrichment (CVSS-BT) / CVSS V4 Enrichment
- MITRE ATT&CK mapping
- MITRE Attack Patterns (CAPEC) mapping
- CWE associations for pre-2008 CVEs
- More vendor advisory references
- More vulnerability database references
- More exploit references
- Less broken links
- EPSS Enrichment
- Ability to query by Package URL (purl)
- Vulnerability Status
Download vulncheck-nvd2
The VulnCheck API makes it easy to download VulnCheck Vulnerability Intelligence. To start, simply query the vulncheck-nvd2 index via the `/v3/backup/vulncheck-nvd2 API as follows:
curl --request GET \
--url https://api.vulncheck.com/v3/backup/vulncheck-nvd2 \
--header 'Accept: application/json' \
--header 'Authorization: Bearer insert_token_here'
Access Individual vulncheck-nvd2 CVE Records
The VulnCheck API makes it easy to get started with VulnCheck Exploit & Vulnerability Intelligence. To start, simply query the vulncheck-nvd2 index via the /v3/index/:index?cve=:cve API as follows:
curl --request GET \
--url https://api.vulncheck.com/v3/index/vulncheck-nvd2?cve=CVE-2024-21762 \
--header 'Accept: application/json' \
--header 'Authorization: Bearer insert_token_here'
The above example searches the vulncheck-nvd2 index for information on CVE-2024-21762.
Example API Response for vulncheck-nvd2 by CVE
After calling the /v3/index/vulncheck-nvd2?cve=:cve API endpoint with a valid CVE identifier, a response similar to the below will be returned:
{
"_benchmark": 0.095634,
"_meta": {
"timestamp": "2024-06-28T14:29:46.098229476Z",
"index": "vulncheck-nvd2",
"limit": 10,
"total_documents": 1,
"sort": "_id",
"parameters": [
{
"name": "cve",
"format": "CVE-YYYY-N{4-7}"
},
{
"name": "alias"
},
{
"name": "iava",
"format": "[0-9]{4}[A-Z-0-9]+"
},
{
"name": "threat_actor"
},
{
"name": "mitre_id"
},
{
"name": "misp_id"
},
{
"name": "ransomware"
},
{
"name": "botnet"
},
{
"name": "published"
},
{
"name": "lastModStartDate",
"format": "YYYY-MM-DD"
},
{
"name": "lastModEndDate",
"format": "YYYY-MM-DD"
},
{
"name": "pubStartDate",
"format": "YYYY-MM-DD"
},
{
"name": "pubEndDate",
"format": "YYYY-MM-DD"
}
],
"order": "desc",
"page": 1,
"total_pages": 1,
"max_pages": 6,
"first_item": 1,
"last_item": 1
},
"data": [
{
"id": "CVE-2024-21762",
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Analyzed",
"published": "2024-02-09T09:15:08.087Z",
"lastModified": "2024-02-13T18:21:14.607Z",
"cisaExploitAdd": "2024-02-09T00:00:00Z",
"vulncheckKEVExploitAdd": "2024-02-08T00:00:00Z",
"cisaActionDue": "2024-02-16T00:00:00Z",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Fortinet FortiOS Out-of-Bound Write Vulnerability",
"descriptions": [
{
"lang": "en",
"value": "A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests"
},
{
"lang": "es",
"value": "Una escritura fuera de los límites en Fortinet FortiOS versiones 7.4.0 a 7.4.2, 7.2.0 a 7.2.6, 7.0.0 a 7.0.13, 6.4.0 a 6.4.14, 6.2.0 a 6.2.15 , 6.0.0 a 6.0.17, y versiones de FortiProxy 7.4.0 a 7.4.2, 7.2.0 a 7.2.8, 7.0.0 a 7.0.14, 2.0.0 a 2.0.13, 1.2.0 a 1.2.13 , 1.1.0 a 1.1.6, 1.0.0 a 1.0.7. Permite al atacante ejecutar código o comandos no autorizados a través de solicitudes específicamente manipuladas"
}
],
"references": [
{
"status": "active",
"lang": "ru",
"name": "Уязвимость службы sslvpnd операционных систем FortiOS, позволяющая нарушителю выполнить произвольный код или произвольные команды",
"url": "https://bdu.fstec.ru/vul/2024-01125",
"refsource": "BDU",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-02-08T00:00:00Z"
},
{
"status": "active",
"lang": "en",
"name": "Warning: Two Critical Vulnerabilities Affect Multiple Fortinet Products",
"url": "https://cert.be/en/advisory/warning-two-critical-vulnerabilities-affect-multiple-fortinet-products",
"refsource": "CERT-BE",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-02-12T00:00:00Z"
},
{
"status": "active",
"lang": "en",
"name": "Multiple Vulnerabilities in Siemens Products",
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES02&VLCODE=CIAD-2024-0019",
"refsource": "CERT-IN",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-03-21T00:00:00Z"
},
{
"status": "active",
"lang": "fr",
"name": "Multiples vulnérabilités dans les produits Fortinet",
"url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2024-AVI-0108/",
"refsource": "CERTFR",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-02-09T00:00:00Z"
},
{
"status": "active",
"lang": "fr",
"name": "[SCADA] Multiples vulnérabilités dans les produits Siemens",
"url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2024-AVI-0203/",
"refsource": "CERTFR",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-03-12T00:00:00Z"
},
{
"status": "active",
"lang": "fr",
"name": "[MàJ] Vulnérabilité dans Fortinet FortiOS",
"url": "https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-004/",
"refsource": "CERTFR-ALERTS",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-02-09T00:00:00Z"
},
{
"status": "active",
"lang": "en",
"name": "Fortinet Multiple Products Out of Bounds Write (CVE-2024-21762)",
"url": "https://advisories.checkpoint.com/defense/advisories/public/2024/cpai-2024-0133.html",
"refsource": "CHECKPOINT",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-03-26T00:00:00Z"
},
{
"status": "active",
"lang": "en",
"name": "CISA Adds One Known Exploited Vulnerability to Catalog",
"url": "https://cisa.gov/news-events/alerts/2024/02/09/cisa-adds-one-known-exploited-vulnerability-catalog",
"refsource": "CISA",
"date_added": "2024-02-09T00:00:00Z"
},
{
"status": "active",
"lang": "en",
"name": "Fortinet Releases Security Advisories for FortiOS",
"url": "https://cisa.gov/news-events/alerts/2024/02/09/fortinet-releases-security-advisories-fortios",
"refsource": "CISA",
"date_added": "2024-02-09T00:00:00Z"
},
{
"status": "active",
"lang": "en",
"name": "Siemens RUGGEDCOM APE1808",
"url": "https://cisa.gov/news-events/ics-advisories/icsa-24-074-05",
"refsource": "CISA",
"date_added": "2024-03-14T00:00:00Z"
},
{
"status": "active",
"lang": "cn",
"name": "Fortinet FortiOS 缓冲区错误漏洞",
"url": "http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202402-751",
"refsource": "CNNVD",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-02-09T00:00:00Z"
},
{
"status": "active",
"lang": "en",
"name": "Out-of-bound Write in sslvpnd",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-015",
"refsource": "FORTINET",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-02-08T00:00:00Z"
},
{
"status": "active",
"lang": "en",
"name": "FortiOS and FortiProxy Multiple Vulnerabilities",
"url": "https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2024-03-05_FortiOS_February_Advisory.pdf",
"refsource": "GE-GAS",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-03-05T00:00:00Z"
},
{
"status": "active",
"lang": "en",
"name": "Fortinet Products Multiple Vulnerabilities",
"url": "https://www.hkcert.org/security-bulletin/fortinet-products-multiple-vulnerabilities_20240209",
"refsource": "HKCERT",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-02-09T00:00:00Z"
},
{
"status": "active",
"lang": "en",
"name": "Fortinet FortiOS SSLVPN CVE-2024-21762 Out-of-bounds Write Vulnerability",
"url": "https://isecurity.huawei.com/sec/web/viewIps.do?threatId=748330",
"refsource": "HUAWEI-IPS",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-03-29T00:00:00Z"
},
{
"status": "active",
"lang": "en",
"name": "フォーティネットの FortiProxy および FortiOS における境界外書き込みに関する脆弱性",
"url": "https://jvndb.jvn.jp/ja/contents/2024/JVNDB-2024-002614.html",
"refsource": "JVNDB",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-03-27T00:00:00Z"
},
{
"status": "active",
"lang": "ko",
"name": "Fortinet 제품 보안 업데이트 권고",
"url": "https://www.krcert.or.kr/kr/bbs/view.do?searchCnd=1&bbsId=B0000133&searchWrd=&menuNo=205020&categoryCode=&nttId=71329",
"refsource": "KRCERT-SECURITY-NOTICES",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-02-15T00:00:00Z"
},
{
"status": "active",
"lang": "fr",
"name": "Vulnérabilité critique dans FortiOS",
"url": "https://www.dgssi.gov.ma/fr/bulletins/vulnerabilite-critique-dans-fortios",
"refsource": "MACERT",
"tags": [
"Vendor Advisory"
],
"date_added": "1970-01-01T00:00:00Z"
},
{
"status": "active",
"lang": "fr",
"name": "Vulnérabilités critiques dans les produits Siemens",
"url": "https://www.dgssi.gov.ma/fr/bulletins/vulnerabilites-critiques-dans-les-produits-siemens",
"refsource": "MACERT",
"tags": [
"Vendor Advisory"
],
"date_added": "1970-01-01T00:00:00Z"
},
{
"url": "https://fortiguard.com/psirt/FG-IR-24-015",
"source": "psirt@fortinet.com",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"date_added": "1970-01-01T00:00:00Z"
},
{
"name": "Fortinet FortiOS Out-of-Bound Write Vulnerability",
"url": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json",
"refsource": "MISC",
"date_added": "2024-02-09T00:00:00Z"
},
{
"name": "BishopFox/cve-2024-21762-check exploit repository",
"url": "https://github.com/BishopFox/cve-2024-21762-check",
"refsource": "MISC",
"tags": [
"Exploit"
],
"date_added": "2024-02-28T00:00:00Z"
},
{
"name": "cleverg0d/CVE-2024-21762-Checker exploit repository",
"url": "https://github.com/cleverg0d/CVE-2024-21762-Checker",
"refsource": "MISC",
"tags": [
"Exploit"
],
"date_added": "2024-03-11T00:00:00Z"
},
{
"name": "FortiGate SSLVPN CVE-2024-21762漏洞利用分析",
"url": "https://mp.weixin.qq.com/s?__biz=Mzk0OTU2ODQ4Mw==&mid=2247484811&idx=1&sn=2e0407a32ba0c2925d6d857f4cdf7cbb&chksm=c3571307f4209a110d6b28cea9fe59ac0f0a2079c998a682e919860f397ea647fa0794933906&mpshare=1&scene=1&srcid=0313EaETjGzEAvOdByUt6ovU#rd",
"refsource": "MISC",
"tags": [
"Exploit"
],
"date_added": "2024-03-12T00:00:00Z"
},
{
"name": "h4x0r-dz/CVE-2024-21762 exploit repository",
"url": "https://github.com/h4x0r-dz/CVE-2024-21762",
"refsource": "MISC",
"tags": [
"Exploit"
],
"date_added": "2024-03-13T00:00:00Z"
},
{
"name": "r4p3c4/CVE-2024-21762-Exploit-PoC-Fortinet-SSL-VPN-Check exploit repository",
"url": "https://github.com/r4p3c4/CVE-2024-21762-Exploit-PoC-Fortinet-SSL-VPN-Check",
"refsource": "MISC",
"tags": [
"Exploit"
],
"date_added": "2024-03-13T00:00:00Z"
},
{
"name": "Fortinet FortiOS Out-Of-Bounds Write",
"url": "https://packetstormsecurity.com/files/177602/Fortinet-FortiOS-Out-Of-Bounds-Write.html",
"refsource": "MISC",
"tags": [
"Exploit"
],
"date_added": "2024-03-14T00:00:00Z"
},
{
"name": "Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762",
"url": "https://www.assetnote.io/resources/research/two-bytes-is-plenty-fortigate-rce-with-cve-2024-21762",
"refsource": "MISC",
"tags": [
"Exploit"
],
"date_added": "2024-03-15T00:00:00Z"
},
{
"name": "d0rb/CVE-2024-21762 exploit repository",
"url": "https://github.com/d0rb/CVE-2024-21762",
"refsource": "MISC",
"tags": [
"Exploit"
],
"date_added": "2024-03-17T00:00:00Z"
},
{
"name": "FortiOS and FortiProxy (CVE-2024-21762)",
"url": "https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-03-18&host_type=src&vulnerability=cve-2024-21762",
"refsource": "MISC",
"date_added": "2024-03-18T00:00:00Z"
},
{
"name": "FortiOS and FortiProxy (CVE-2024-21762)",
"url": "https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-03-19&host_type=src&vulnerability=cve-2024-21762",
"refsource": "MISC",
"date_added": "2024-03-19T00:00:00Z"
},
{
"name": "FortiOS and FortiProxy (CVE-2024-21762)",
"url": "https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-03-20&host_type=src&vulnerability=cve-2024-21762",
"refsource": "MISC",
"date_added": "2024-03-20T00:00:00Z"
},
{
"name": "FortiOS and FortiProxy (CVE-2024-21762)",
"url": "https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-03-21&host_type=src&vulnerability=cve-2024-21762",
"refsource": "MISC",
"date_added": "2024-03-21T00:00:00Z"
},
{
"name": "FortiOS and FortiProxy (CVE-2024-21762)",
"url": "https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-03-23&host_type=src&vulnerability=cve-2024-21762",
"refsource": "MISC",
"date_added": "2024-03-23T00:00:00Z"
},
{
"name": "FortiOS and FortiProxy (CVE-2024-21762)",
"url": "https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-04-02&host_type=src&vulnerability=cve-2024-21762",
"refsource": "MISC",
"date_added": "2024-04-02T00:00:00Z"
},
{
"name": "zzcentury/FortiGate-CVE-2024-21762 exploit repository",
"url": "https://github.com/zzcentury/FortiGate-CVE-2024-21762",
"refsource": "MISC",
"tags": [
"Exploit"
],
"date_added": "2024-04-13T00:00:00Z"
},
{
"name": "rdoix/cve-2024-21762-checker exploit repository",
"url": "https://github.com/rdoix/cve-2024-21762-checker",
"refsource": "MISC",
"tags": [
"Exploit"
],
"date_added": "2024-06-20T00:00:00Z"
},
{
"status": "active",
"lang": "en",
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21762",
"refsource": "MITRE-CVE",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-02-09T08:14:25Z"
},
{
"status": "active",
"lang": "en",
"name": "Fortinet Fortigate (FG-IR-24-015)",
"url": "https://www.tenable.com/plugins/nessus/190238",
"refsource": "NESSUS",
"date_added": "2024-02-08T00:00:00Z"
},
{
"status": "active",
"lang": "en",
"name": "Fortinet FortiProxy Out-of-bound Write in sslvpnd (FG-IR-24-015)",
"url": "https://www.tenable.com/plugins/nessus/191084",
"refsource": "NESSUS",
"date_added": "2024-02-28T00:00:00Z"
},
{
"status": "active",
"lang": "en",
"name": "Critical Out-of-Bounds Write Vulnerability CVE-2024-21762 in FortiOS and FortiProxy",
"url": "https://digital.nhs.uk/cyber-alerts/2024/cc-4452",
"refsource": "NHS",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-02-09T11:54:00Z"
},
{
"status": "active",
"lang": "en",
"name": "Multiple RCE vulnerabilities affecting Fortinet products",
"url": "https://www.cert.govt.nz/it-specialists/advisories/multiple-rce-vulnerabilities-affecting-fortios/",
"refsource": "NZ-ADVISORIES",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-02-09T15:00:00Z"
},
{
"status": "active",
"lang": "en",
"name": "Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 devices",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-832273.html",
"refsource": "SIEMENS",
"tags": [
"ICS/OT",
"Vendor Advisory"
],
"date_added": "2024-03-12T00:00:00Z"
},
{
"status": "active",
"lang": "en",
"name": "Active Exploitation of Critical Vulnerability in FortiOS",
"url": "https://www.csa.gov.sg/alerts-advisories/alerts/2024/al-2024-016",
"refsource": "SINGCERT",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-02-09T00:00:00Z"
},
{
"status": "active",
"lang": "en",
"name": "Security Bulletin 14 Feb 2024",
"url": "https://www.csa.gov.sg/alerts-advisories/security-bulletins/2024/sb-2024-007",
"refsource": "SINGCERT",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-02-14T00:00:00Z"
},
{
"status": "active",
"lang": "tr",
"name": "TR-24-0101 (Fortinet Güvenlik Bildirimi)",
"url": "https://www.usom.gov.tr/bildirim/tr-24-0101",
"refsource": "USOM",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-02-10T15:55:43Z"
},
{
"status": "active",
"lang": "tr",
"name": "TR-24-0111 (Fortinet Güvenlik Bildirimi)",
"url": "https://www.usom.gov.tr/bildirim/tr-24-0111",
"refsource": "USOM",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-02-16T13:22:52Z"
},
{
"status": "active",
"lang": "en",
"name": "Zero-day vulnerability in FortiOS",
"url": "https://www.zero-day.cz/database/860/",
"refsource": "ZERO-DAY-CZ",
"tags": [
"Vendor Advisory"
],
"date_added": "2024-02-09T00:00:00Z"
},
{
"name": "CVE-2024-21762 exploited by Unattributed threat actor",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-015",
"refsource": "vulncheck-threat-actors",
"date_added": "2024-02-08T00:00:00Z"
},
{
"name": "CVE-2024-21762 exploited by Unattributed threat actor",
"url": "https://www.fortiguard.com/psirt/FG-IR-24-015",
"refsource": "vulncheck-threat-actors",
"date_added": "2024-02-08T00:00:00Z"
},
{
"name": "CVE-2024-21762 exploited by Unattributed threat actor",
"url": "https://www.cisa.gov/news-events/alerts/2024/02/09/fortinet-releases-security-advisories-fortios",
"refsource": "vulncheck-threat-actors",
"date_added": "2024-02-09T00:00:00Z"
},
{
"name": "CVE-2024-21762 exploited by Unattributed threat actor",
"url": "https://www.tenable.com/blog/cve-2024-21762-critical-fortinet-fortios-out-of-bound-write-ssl-vpn-vulnerability",
"refsource": "vulncheck-threat-actors",
"date_added": "2024-02-09T00:00:00Z"
},
{
"name": "CVE-2024-21762 exploited by Vanguard Panda threat actor",
"url": "https://www.threatmate.com/post/fortinet-vpn-targeted-by-chinese-actor-volt-typhoon-attacks",
"refsource": "vulncheck-threat-actors",
"date_added": "2024-02-11T00:00:00Z"
},
{
"name": "CVE-2024-21762 exploited by Unattributed threat actor",
"url": "https://www.rapid7.com/blog/post/2024/02/12/etr-critical-fortinet-fortios-cve-2024-21762-exploited/",
"refsource": "vulncheck-threat-actors",
"date_added": "2024-02-12T00:00:00Z"
},
{
"name": "CVE-2024-21762 exploited by Unattributed threat actor",
"url": "https://labs.withsecure.com/publications/mass-exploitation-the-vulnerable-edge-of-enterprise-security",
"refsource": "vulncheck-threat-actors",
"date_added": "2024-06-12T00:00:00Z"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "psirt@fortinet.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"temporalCVSSV31": {
"version": "3.1",
"vectorString": "E:H/RL:X/RC:C",
"exploitCodeMaturity": "HIGH",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "CONFIRMED",
"temporalScore": 9.8,
"associatedBaseMetricV3": {
"source": "nvd@nist.gov",
"type": "Primary",
"baseScore": 9.8
}
},
"temporalCVSSV31Secondary": [
{
"version": "3.1",
"vectorString": "E:H/RL:X/RC:C",
"exploitCodeMaturity": "HIGH",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "CONFIRMED",
"temporalScore": 9.8,
"associatedBaseMetricV3": {
"source": "psirt@fortinet.com",
"type": "Secondary",
"baseScore": 9.8
}
}
],
"epss": {
"epss_score": 0.01842,
"epss_percentile": 0.88426,
"last_modified": "2024-06-28T10:05:46.084968Z"
}
},
"weaknesses": [
{
"source": "psirt@fortinet.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787",
"name": "Out-of-bounds Write",
"url": "https://cwe.mitre.org/data/definitions/787.html"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "2.0.14",
"matchCriteriaId": "614BFD88-3C7A-4F6F-BD26-F53E4BC464D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.15",
"matchCriteriaId": "72ED8947-DBF3-483B-B267-117403A3D8E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndExcluding": "7.2.9",
"matchCriteriaId": "DF62C95E-AB35-4A8E-84F8-5197E9D33C21"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.3",
"matchCriteriaId": "4A077234-F19C-4E87-A7A5-A266B5C903C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "6.2.16",
"matchCriteriaId": "E9BCDC86-176E-401A-B188-F77E22BCFC2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0",
"versionEndExcluding": "6.4.15",
"matchCriteriaId": "4E29353F-8791-4117-BA7A-E32FAB8348A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.14",
"matchCriteriaId": "C119229A-3805-47C1-B3F9-AF1A4007A63B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndExcluding": "7.2.7",
"matchCriteriaId": "553C4BA9-953B-4017-8498-785BDA7A3006"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndExcluding": "7.4.3",
"matchCriteriaId": "757A5257-6103-4DC5-B79F-727E4279614A"
}
]
}
]
}
],
"vcConfigurations": [
{
"nodes": [
{
"operator": "OR",
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndIncluding": "1.0.7",
"matchCriteriaId": ""
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.1.0",
"versionEndIncluding": "1.1.6",
"matchCriteriaId": ""
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.2.0",
"versionEndIncluding": "1.2.13",
"matchCriteriaId": ""
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndIncluding": "2.0.13",
"matchCriteriaId": ""
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndIncluding": "7.0.14",
"matchCriteriaId": ""
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndIncluding": "7.2.8",
"matchCriteriaId": ""
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndIncluding": "7.4.2",
"matchCriteriaId": ""
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndIncluding": "6.0.17",
"matchCriteriaId": ""
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0",
"versionEndIncluding": "6.2.15",
"matchCriteriaId": ""
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0",
"versionEndIncluding": "6.4.14",
"matchCriteriaId": ""
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndIncluding": "7.0.13",
"matchCriteriaId": ""
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndIncluding": "7.2.6",
"matchCriteriaId": ""
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndIncluding": "7.4.2",
"matchCriteriaId": ""
}
]
}
]
}
],
"vulnerableCPEs": [
"cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.1.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.1.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.1.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.13:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*"
],
"vcVulnerableCPEs": [
"cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.1.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.1.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.1.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.1.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.13:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:1.2.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.13:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:2.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.14:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiproxy:7.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.16:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.17:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*"
],
"STATUS": "Analyzed",
"categorization": {
"tags": [
"ICS/OT",
"IoT"
]
},
"relatedAttackPatterns": [
{
"lang": "en",
"capec_id": "CAPEC-100",
"capec_name": "Overflow Buffers",
"capec_url": "https://capec.mitre.org/data/definitions/100.html"
}
],
"mitreAttackTechniques": [
{
"id": "T0819",
"url": "https://attack.mitre.org/techniques/T0819",
"name": "Exploit Public-Facing Application",
"domain": "ICS",
"tactics": [
"initial-access"
],
"subtechnique": false
},
{
"id": "T0866",
"url": "https://attack.mitre.org/techniques/T0866",
"name": "Exploitation of Remote Services",
"domain": "ICS",
"tactics": [
"initial-access",
"lateral-movement"
],
"subtechnique": false
}
],
"date_added": "2024-02-08T00:00:00Z",
"documentGenerationDate": "2024-06-28T12:06:40.053130613Z"
}
]
}
The above example response shows what the
vulncheck-nvd2index returns forCVE-2024-21762.
Exploit Intelligence
Leverage best-in-class exploit intelligence from VulnCheck to understand the state of vulnerability exploitation for a given vulnerability.
Vulnerability Enrichment
VulnCheck generates unique vulnerability enrichment that is then incorporated into VulnCheck's Exploit and Vulnerability Intelligence services.
