{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T22:47:28.220","vulnerabilities":[{"cve":{"id":"CVE-2022-23439","sourceIdentifier":"psirt@fortinet.com","published":"2025-01-22T10:15:07.737","lastModified":"2026-01-14T14:16:06.757","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A externally controlled reference to a resource in another sphere vulnerability in Fortinet  allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver"},{"lang":"es","value":"Una referencia controlada externamente a un recurso en otra esfera en Fortinet FortiManager anterior a la versión 7.4.3, FortiMail anterior a la versión 7.0.3, FortiAnalyzer anterior a la versión 7.4.3, FortiVoice versión 7.0.0, 7.0.1 y anterior a 6.4.8, FortiProxy anterior a la versión 7.0.4, FortiRecorder versión 6.4.0 a 6.4.2 y anterior a 6.0.10, FortiAuthenticator versión 6.4.0 a 6.4.1 y anterior a 6.3.3, FortiNDR versión 7.2.0 anterior a 7.1.0, FortiWLC anterior a la versión 8.6.4, FortiPortal anterior a la versión 6.0.9, FortiOS versión 7.2.0 y anterior a 7.0.5, FortiADC versión 7.0.0 a 7.0.1 y anterior 6.2.3, FortiDDoS anterior a la versión 5.5.1, FortiDDoS-F anterior a la versión 6.3.3, FortiTester anterior a la versión 7.2.1, FortiSOAR anterior a la versión 7.2.2 y FortiSwitch anterior a la versión 6.3.3 permiten a los atacantes envenenar cachés web a través de solicitudes HTTP manipulado, donde el encabezado `Host` apunta a un servidor web arbitrario."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-610"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.0","versionEndExcluding":"6.2.4","matchCriteriaId":"B7685DE5-EEF4-4EFF-9EE0-1ABC59A46B91"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiauthenticator:*:*:*:*:*:*:*:*","versionStartIncluding":"6.3.0","versionEndExcluding":"6.3.4","matchCriteriaId":"959F9558-9C68-4046-AF5F-C543C9B5C3DE"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiauthenticator:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"6.4.2","matchCriteriaId":"B4F857C3-0369-45CD-8745-FC6086A6B401"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiddos:*:*:*:*:*:*:*:*","versionStartIncluding":"5.3.0","versionEndExcluding":"5.5.2","matchCriteriaId":"5C2587E4-5D24-4C81-AD13-B3205FA07D14"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiddos-f:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.0","versionEndExcluding":"6.3.4","matchCriteriaId":"999EDF79-3052-4A4E-9B71-B0FEDEBFE33E"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"7.0.4","matchCriteriaId":"9E3E1107-F78C-41B7-A8D4-E984EF551B1B"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortindr:*:*:*:*:*:*:*:*","versionStartIncluding":"1.4.0","versionEndExcluding":"7.1.1","matchCriteriaId":"2798BBCF-0867-4C5B-9F28-6CD9846DAD7E"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortindr:7.2.0:*:*:*:*:*:*:*","matchCriteriaId":"06DD8B01-B4BC-432D-9045-40AD6DA84CB7"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"7.0.5","matchCriteriaId":"C4BF015A-6391-40D1-9FC4-C73110A2D52E"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.4.0","matchCriteriaId":"CF9591AF-D4A5-44F6-8535-1D166646E118"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.0.11","matchCriteriaId":"0A7151C5-DB42-4F91-B84C-CDA9CEF73A23"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"6.4.3","matchCriteriaId":"2DDA9A48-7687-40A3-A14F-5EB89A20A386"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisoar:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"7.3.0","matchCriteriaId":"B72000EC-F0D5-4100-B0DB-7405EDE32C76"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortitester:*:*:*:*:*:*:*:*","versionStartIncluding":"3.7.0","versionEndExcluding":"7.2.2","matchCriteriaId":"C8838FC8-770F-41ED-8F25-8E2953258677"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.4.9","matchCriteriaId":"C97B8181-C602-4E70-B3EA-CBE1FA62A220"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwlc:*:*:*:*:*:*:*:*","versionStartIncluding":"8.6.0","versionEndExcluding":"8.6.7","matchCriteriaId":"C68A52C3-281D-4B4E-B0AA-0162D846BBB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"7.0.6","matchCriteriaId":"00C9C02B-E40F-4536-BC74-A7DA84E4B845"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.2.5","matchCriteriaId":"4562BDF7-D894-4CD8-95AC-9409FDEBE73F"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"7.0.5","matchCriteriaId":"FF5E55C0-C600-4234-AA0C-21259AA6D97F"}]}]}],"references":[{"url":"https://fortiguard.com/psirt/FG-IR-23-494","source":"psirt@fortinet.com"}]}}]}