CVE-2022-23439
published 2025-01-22CVE-2022-23439: A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via crafted HTTP requests…
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver
Affected
131 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortiadc | — | — |
| fortinet | fortiadc | 5.0.0 – 5.0.4 | — |
| fortinet | fortiadc | 5.1.0 – 5.1.7 | — |
| fortinet | fortiadc | 5.2.0 – 5.2.8 | — |
| fortinet | fortiadc | 5.3.0 – 5.3.7 | — |
| fortinet | fortiadc | >= 5.4.0 < 6.2.4 | 6.2.4 |
| fortinet | fortiadc | 5.4.0 – 5.4.5 | — |
| fortinet | fortiadc | 6.0.0 – 6.0.4 | — |
| fortinet | fortiadc | 6.1.0 – 6.1.6 | — |
| fortinet | fortiadc | 6.2.0 – 6.2.3 | — |
| fortinet | fortiadc | 7.0.0 – 7.0.1 | — |
| fortinet | fortianalyzer | 6.2.0 – 6.2.13 | — |
| fortinet | fortianalyzer | 6.4.0 – 6.4.15 | — |
| fortinet | fortianalyzer | 7.0.0 – 7.0.15 | — |
| fortinet | fortianalyzer | 7.2.0 – 7.2.11 | — |
| fortinet | fortianalyzer | 7.4.0 – 7.4.2 | — |
| fortinet | fortiauthenticator | — | — |
| fortinet | fortiauthenticator | — | — |
| fortinet | fortiauthenticator | 5.1.0 – 5.1.2 | — |
| fortinet | fortiauthenticator | 5.2.0 – 5.2.2 | — |
| fortinet | fortiauthenticator | 5.3.0 – 5.3.1 | — |
| fortinet | fortiauthenticator | 5.4.0 – 5.4.1 | — |
| fortinet | fortiauthenticator | 6.0.0 – 6.0.8 | — |
| fortinet | fortiauthenticator | 6.1.0 – 6.1.3 | — |
| fortinet | fortiauthenticator | 6.2.0 – 6.2.2 | — |