{"cve": {"data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2023-27997", "ASSIGNER": "psirt@fortinet.com"}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-787"}]}]}, "references": {"reference_data": [{"url": "https://fortiguard.com/psirt/FG-IR-23-097", "name": "https://fortiguard.com/psirt/FG-IR-23-097", "refsource": "MISC", "tags": ["Vendor Advisory"]}]}, "description": {"description_data": [{"lang": "en", "value": "A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests."}]}}, "configurations": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", "versionStartIncluding": "1.1.0", "versionEndIncluding": "1.1.6", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", "versionStartIncluding": "1.2.0", "versionEndIncluding": "1.2.13", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0.0", "versionEndIncluding": "6.0.16", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2.0", "versionEndIncluding": "6.2.13", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "versionStartIncluding": "7.2.0", "versionEndIncluding": "7.2.4", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4.0", "versionEndIncluding": "6.4.12", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "versionStartIncluding": "7.0.0", "versionEndIncluding": "7.0.11", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.0.0", "versionEndIncluding": "2.0.12", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", "versionStartIncluding": "7.0.0", "versionEndIncluding": "7.0.9", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*", "versionStartIncluding": "7.2.0", "versionEndIncluding": "7.2.3", "cpe_name": []}]}, {"operator": "AND", "children": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0.12", "versionEndIncluding": "6.0.16", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2.9", "versionEndIncluding": "6.2.13", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": false, "cpe23Uri": "cpe:2.3:h:fortinet:fortigate_6000:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": false, "cpe23Uri": "cpe:2.3:h:fortinet:fortigate_7000:-:*:*:*:*:*:*:*", "cpe_name": []}]}], "cpe_match": []}]}, "impact": {"baseMetricV3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}}, "publishedDate": "2023-06-13T09:15Z", "lastModifiedDate": "2024-06-27T19:12Z"}