{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-13T14:32:28.702","vulnerabilities":[{"cve":{"id":"CVE-2022-38381","sourceIdentifier":"psirt@fortinet.com","published":"2022-11-02T12:15:54.773","lastModified":"2024-11-21T07:16:21.807","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An improper handling of malformed request vulnerability [CWE-228] exists in FortiADC 5.0 all versions, 6.0.0 all versions, 6.1.0 all versions, 6.2.0 through 6.2.3, and 7.0.0 through 7.0.2. This may allow a remote attacker without privileges to bypass some Web Application Firewall (WAF) protection such as the SQL Injection and XSS filters via a malformed HTTP request."},{"lang":"es","value":"Existe un manejo inadecuado de la vulnerabilidad de solicitud con formato incorrecto [CWE-228] en FortiADC 5.0 todas las versiones, 6.0.0 todas las versiones, 6.1.0 todas las versiones, 6.2.0 a 6.2.3 y 7.0.0 a 7.0.2. Esto puede permitir a un atacante remoto sin privilegios eludir alguna protección del Firewall de aplicaciones web (WAF), como la inyección SQL y los filtros XSS, a través de una solicitud HTTP con formato incorrecto."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndIncluding":"5.0.4","matchCriteriaId":"A3674BC9-FCA2-4DFD-8BDC-A5AE0256F293"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*","versionStartIncluding":"5.1.0","versionEndIncluding":"5.1.7","matchCriteriaId":"6B01E632-37EA-441A-81A6-D6CE9A8997A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2.0","versionEndIncluding":"5.2.8","matchCriteriaId":"6B546C4E-F9AF-4514-B5A9-BD29A1FE663E"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*","versionStartIncluding":"5.3.0","versionEndIncluding":"5.3.7","matchCriteriaId":"A3EEDDB2-61AC-43F4-9719-3548057EF30E"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.0","versionEndIncluding":"5.4.5","matchCriteriaId":"54EBC78D-0358-474F-9654-3EF9950D563B"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndIncluding":"6.0.4","matchCriteriaId":"3ADB57D8-1ABE-4401-B1B0-4640A34C555A"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.0","versionEndIncluding":"6.1.6","matchCriteriaId":"D31CF79E-6C56-4CD0-9DD2-FBB48D503786"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.0","versionEndIncluding":"6.2.3","matchCriteriaId":"51C6A8FD-8D0D-4CBA-BA34-A34D12CE69ED"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndIncluding":"7.0.2","matchCriteriaId":"57372C1E-C3EE-4B19-8B24-79B9824634A2"}]}]}],"references":[{"url":"https://fortiguard.com/psirt/FG-IR-22-234","source":"psirt@fortinet.com","tags":["Vendor Advisory"]},{"url":"https://fortiguard.com/psirt/FG-IR-22-234","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}