Vulnerability Details CVE-2022-27488
A cross-site request forgery (CSRF) in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.0 through 6.2.7, 6.0.x, FortiMail version 7.0.0 through 7.0.3, 6.4.0 through 6.4.6, 6.2.x, 6.0.x FortiRecorder version 6.4.0 through 6.4.2, 6.0.x, 2.7.x, 2.6.x, FortiNDR version 1.x.x allows a remote unauthenticated attacker to execute commands on the CLI via tricking an authenticated administrator to execute malicious GET requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.2%
CVSS Severity
CVSS v3 Score 8.3
Products affected by CVE-2022-27488
-
cpe:2.3:a:fortinet:fortiai:1.1.0
-
cpe:2.3:a:fortinet:fortiai:1.5.3
-
cpe:2.3:a:fortinet:fortimail:6.0.0
-
cpe:2.3:a:fortinet:fortimail:6.0.1
-
cpe:2.3:a:fortinet:fortimail:6.0.10
-
cpe:2.3:a:fortinet:fortimail:6.0.11
-
cpe:2.3:a:fortinet:fortimail:6.0.12
-
cpe:2.3:a:fortinet:fortimail:6.0.2
-
cpe:2.3:a:fortinet:fortimail:6.0.3
-
cpe:2.3:a:fortinet:fortimail:6.0.4
-
cpe:2.3:a:fortinet:fortimail:6.0.5
-
cpe:2.3:a:fortinet:fortimail:6.0.6
-
cpe:2.3:a:fortinet:fortimail:6.0.7
-
cpe:2.3:a:fortinet:fortimail:6.0.8
-
cpe:2.3:a:fortinet:fortimail:6.0.9
-
cpe:2.3:a:fortinet:fortimail:6.2.0
-
cpe:2.3:a:fortinet:fortimail:6.2.1
-
cpe:2.3:a:fortinet:fortimail:6.2.2
-
cpe:2.3:a:fortinet:fortimail:6.2.3
-
cpe:2.3:a:fortinet:fortimail:6.2.4
-
cpe:2.3:a:fortinet:fortimail:6.2.5
-
cpe:2.3:a:fortinet:fortimail:6.2.6
-
cpe:2.3:a:fortinet:fortimail:6.2.7
-
cpe:2.3:a:fortinet:fortimail:6.2.8
-
cpe:2.3:a:fortinet:fortimail:6.2.9
-
cpe:2.3:a:fortinet:fortimail:6.4.0
-
cpe:2.3:a:fortinet:fortimail:6.4.1
-
cpe:2.3:a:fortinet:fortimail:6.4.2
-
cpe:2.3:a:fortinet:fortimail:6.4.3
-
cpe:2.3:a:fortinet:fortimail:6.4.4
-
cpe:2.3:a:fortinet:fortimail:6.4.5
-
cpe:2.3:a:fortinet:fortimail:6.4.6
-
cpe:2.3:a:fortinet:fortimail:7.0.0
-
cpe:2.3:a:fortinet:fortimail:7.0.1
-
cpe:2.3:a:fortinet:fortimail:7.0.2
-
cpe:2.3:a:fortinet:fortimail:7.0.3
-
cpe:2.3:a:fortinet:fortindr:7.0.0
-
cpe:2.3:a:fortinet:fortindr:7.1.0
-
cpe:2.3:a:fortinet:fortirecorder:*
-
cpe:2.3:a:fortinet:fortirecorder:6.0.0
-
cpe:2.3:a:fortinet:fortirecorder:6.0.10
-
cpe:2.3:a:fortinet:fortirecorder:6.0.11
-
cpe:2.3:a:fortinet:fortirecorder:6.4.0
-
cpe:2.3:a:fortinet:fortirecorder:6.4.1
-
cpe:2.3:a:fortinet:fortirecorder:6.4.2
-
cpe:2.3:a:fortinet:fortivoice:6.0.0
-
cpe:2.3:a:fortinet:fortivoice:6.0.1
-
cpe:2.3:a:fortinet:fortivoice:6.0.10
-
cpe:2.3:a:fortinet:fortivoice:6.0.11
-
cpe:2.3:a:fortinet:fortivoice:6.0.2
-
cpe:2.3:a:fortinet:fortivoice:6.0.3
-
cpe:2.3:a:fortinet:fortivoice:6.0.4
-
cpe:2.3:a:fortinet:fortivoice:6.0.5
-
cpe:2.3:a:fortinet:fortivoice:6.0.6
-
cpe:2.3:a:fortinet:fortivoice:6.0.7
-
cpe:2.3:a:fortinet:fortivoice:6.0.8
-
cpe:2.3:a:fortinet:fortivoice:6.0.9
-
cpe:2.3:a:fortinet:fortivoice:6.4.0
-
cpe:2.3:a:fortinet:fortivoice:6.4.1
-
cpe:2.3:a:fortinet:fortivoice:6.4.2
-
cpe:2.3:a:fortinet:fortivoice:6.4.3
-
cpe:2.3:a:fortinet:fortivoice:6.4.4
-
cpe:2.3:a:fortinet:fortivoice:6.4.5
-
cpe:2.3:a:fortinet:fortivoice:6.4.6
-
cpe:2.3:a:fortinet:fortivoice:6.4.7
-
cpe:2.3:o:fortinet:fortiswitch:6.0.0
-
cpe:2.3:o:fortinet:fortiswitch:6.0.1
-
cpe:2.3:o:fortinet:fortiswitch:6.0.2
-
cpe:2.3:o:fortinet:fortiswitch:6.0.3
-
cpe:2.3:o:fortinet:fortiswitch:6.0.4
-
cpe:2.3:o:fortinet:fortiswitch:6.0.5
-
cpe:2.3:o:fortinet:fortiswitch:6.0.6
-
cpe:2.3:o:fortinet:fortiswitch:6.0.7
-
cpe:2.3:o:fortinet:fortiswitch:6.2.0
-
cpe:2.3:o:fortinet:fortiswitch:6.2.1
-
cpe:2.3:o:fortinet:fortiswitch:6.2.2
-
cpe:2.3:o:fortinet:fortiswitch:6.2.3
-
cpe:2.3:o:fortinet:fortiswitch:6.2.4
-
cpe:2.3:o:fortinet:fortiswitch:6.2.5
-
cpe:2.3:o:fortinet:fortiswitch:6.2.6
-
cpe:2.3:o:fortinet:fortiswitch:6.2.7
-
cpe:2.3:o:fortinet:fortiswitch:6.4.0
-
cpe:2.3:o:fortinet:fortiswitch:6.4.1
-
cpe:2.3:o:fortinet:fortiswitch:6.4.10
-
cpe:2.3:o:fortinet:fortiswitch:6.4.2
-
cpe:2.3:o:fortinet:fortiswitch:6.4.3
-
cpe:2.3:o:fortinet:fortiswitch:6.4.4
-
cpe:2.3:o:fortinet:fortiswitch:6.4.5
-
cpe:2.3:o:fortinet:fortiswitch:6.4.6
-
cpe:2.3:o:fortinet:fortiswitch:6.4.7
-
cpe:2.3:o:fortinet:fortiswitch:6.4.8
-
cpe:2.3:o:fortinet:fortiswitch:6.4.9
-
cpe:2.3:o:fortinet:fortiswitch:7.0.0
-
cpe:2.3:o:fortinet:fortiswitch:7.0.1
-
cpe:2.3:o:fortinet:fortiswitch:7.0.2
-
cpe:2.3:o:fortinet:fortiswitch:7.0.3
-
cpe:2.3:o:fortinet:fortiswitch:7.0.4