{"containers":{"cna":{"affected":[{"product":"Fortinet FortiWeb","vendor":"Fortinet","versions":[{"status":"affected","version":"FortiWeb 6.3.0 through 6.3.5 and version before 6.2.4"}]}],"descriptions":[{"lang":"en","value":"A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.5 and version before 6.2.4 may allow an unauthenticated, remote attacker to overwrite the content of the stack and potentially execute arbitrary code by sending a crafted request with a large certname."}],"problemTypes":[{"descriptions":[{"description":"Execute unauthorized code or commands","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2021-01-29T13:31:56.000Z","orgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","shortName":"fortinet"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://www.fortiguard.com/psirt/FG-IR-20-125"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"psirt@fortinet.com","ID":"CVE-2020-29016","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Fortinet FortiWeb","version":{"version_data":[{"version_value":"FortiWeb 6.3.0 through 6.3.5 and version before 6.2.4"}]}}]},"vendor_name":"Fortinet"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.5 and version before 6.2.4 may allow an unauthenticated, remote attacker to overwrite the content of the stack and potentially execute arbitrary code by sending a crafted request with a large certname."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Execute unauthorized code or commands"}]}]},"references":{"reference_data":[{"name":"https://www.fortiguard.com/psirt/FG-IR-20-125","refsource":"CONFIRM","url":"https://www.fortiguard.com/psirt/FG-IR-20-125"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T16:48:01.551Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.fortiguard.com/psirt/FG-IR-20-125"}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-10-24T20:10:56.422150Z","id":"CVE-2020-29016","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-25T14:23:38.299Z"}}]},"cveMetadata":{"assignerOrgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","assignerShortName":"fortinet","cveId":"CVE-2020-29016","datePublished":"2021-01-14T16:04:45.000Z","dateReserved":"2020-11-24T00:00:00.000Z","dateUpdated":"2024-10-25T14:23:38.299Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}