{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2022-27482","assignerOrgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","state":"PUBLISHED","assignerShortName":"fortinet","dateReserved":"2022-03-21T16:03:48.573Z","datePublished":"2023-02-16T18:06:42.848Z","dateUpdated":"2024-10-23T14:46:17.267Z"},"containers":{"cna":{"affected":[{"vendor":"Fortinet","product":"FortiADC","defaultStatus":"unaffected","versions":[{"versionType":"semver","version":"7.0.0","lessThanOrEqual":"7.0.2","status":"affected"},{"versionType":"semver","version":"6.2.0","lessThanOrEqual":"6.2.2","status":"affected"},{"versionType":"semver","version":"6.1.0","lessThanOrEqual":"6.1.6","status":"affected"},{"versionType":"semver","version":"6.0.0","lessThanOrEqual":"6.0.4","status":"affected"},{"versionType":"semver","version":"5.4.0","lessThanOrEqual":"5.4.5","status":"affected"},{"versionType":"semver","version":"5.3.0","lessThanOrEqual":"5.3.7","status":"affected"},{"versionType":"semver","version":"5.2.0","lessThanOrEqual":"5.2.8","status":"affected"},{"versionType":"semver","version":"5.1.0","lessThanOrEqual":"5.1.7","status":"affected"},{"versionType":"semver","version":"5.0.0","lessThanOrEqual":"5.0.4","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiADC version 7.0.0 through 7.0.1, 6.2.0 through 6.2.2, 6.1.0 through 6.1.6, 6.0.x, 5.x.x allows attacker to execute arbitrary shell code as `root` via CLI commands."}],"providerMetadata":{"orgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","shortName":"fortinet","dateUpdated":"2023-02-16T18:06:42.848Z"},"problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-78","description":"Execute unauthorized code or commands","type":"CWE"}]}],"metrics":[{"format":"CVSS","cvssV3_1":{"version":"3.1","attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.4,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C"}}],"solutions":[{"lang":"en","value":"Please upgrade to FortiADC version 7.0.2 or above,\nPlease upgrade to FortiADC version 6.2.4 or above."}],"references":[{"name":"https://fortiguard.com/psirt/FG-IR-22-046","url":"https://fortiguard.com/psirt/FG-IR-22-046"}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T05:25:32.814Z"},"title":"CVE Program Container","references":[{"name":"https://fortiguard.com/psirt/FG-IR-22-046","url":"https://fortiguard.com/psirt/FG-IR-22-046","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-10-23T14:11:40.887043Z","id":"CVE-2022-27482","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-23T14:46:17.267Z"}}]}}