CVE-2020-29011
published 2021-08-04CVE-2020-29011: Instances of SQL Injection vulnerabilities in the checksum search and MTA-quarantine modules of FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
Instances of SQL Injection vulnerabilities in the checksum search and MTA-quarantine modules of FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated attacker to execute unauthorized code on the underlying SQL interpreter via specifically crafted HTTP requests.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinet_fortisandbox | — | — |
| fortinet | fortisandbox | < 3.1.5 | 3.1.5 |
| fortinet | fortisandbox | — | — |
| fortinet | fortisandbox | >= 3.2.0 < 3.2.2 | 3.2.2 |