External Resource Referencing Vulnerability in Fortinet Products
CVE-2022-23439
6.1 MEDIUM
Key Information:
- Vendor: Fortinet
- CVE Published: 22 January 2025
What is CVE-2022-23439?
This vulnerability in Fortinet products allows attackers to perform web cache poisoning through specially crafted HTTP requests. By manipulating the 'Host' header to point to a malicious web server, an adversary can inject harmful resources into the cache, potentially impacting the integrity and availability of cached content for users. Multiple Fortinet products are affected, creating a significant security risk that necessitates prompt updates and remediation.
Affected Version(s)
FortiADC 7.0.0 <= 7.0.1
FortiADC 6.2.0 <= 6.2.3
FortiADC 6.1.0 <= 6.1.6