CVE-2022-42472 — HTTP Request/Response Splitting in Fortinet Fortios

CWE-113 — HTTP Request/Response Splitting CWE-74 — Injection CWE-436 — Interpretation Conflict4 documents4 sources

Severity

5.4MEDIUMNVD

CNA4.2

EPSS

0.3%

top 43.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Fortinet Fortios Fortinet Fortiproxy

Timeline

PublishedFeb 16

Description

A improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.11, 6.2.0 through 6.2.12, 6.0.0 through 6.0.16, FortiProxy 7.2.0 through 7.2.1, 7.0.0 through 7.0.7, 2.0.0 through 2.0.10, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 may allow an authenticated and remote attacker to perform an HTTP request splitting attack which gives attackers control of the remaining headers and body of …

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.5

Affected Packages4 packages

▶CVEListV5fortinet/fortios7.2.0 — 7.2.2+4

▶NVDfortinet/fortios6.0.1 — 6.0.16+6

▶CVEListV5fortinet/fortiproxy7.2.0 — 7.2.1+4

▶NVDfortinet/fortiproxy1.1.0 — 1.1.6+5

Patches

Patch: fortiguard.com ↗Patch: fortiguard.com ↗

🔴Vulnerability Details

GHSA

GHSA-2c29-h3hm-8953: A improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS versions 7↗2023-02-16

▶

CVEList

CVE-2022-42472: A improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS versions 7↗2023-02-16

▶

📋Vendor Advisories

Fortinet

Header injection in proxy login page↗2023-02-16

▶