{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"FortiWeb versions 7.2.x ant\u00e9rieures \u00e0 7.2.6","product":{"name":"FortiWeb","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiMail 6.0.x toutes versions","product":{"name":"FortiMail","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS versions 7.2.x ant\u00e9rieures \u00e0 7.2.1","product":{"name":"FortiOS","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 2.6.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiNDR 1.1.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiSandbox versions 3.0.x ant\u00e9rieures \u00e0 3.0.4","product":{"name":"FortiSandbox","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 3.5.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiProxy versions 7.0.x ant\u00e9rieures \u00e0 7.0.11","product":{"name":"FortiProxy","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiSwitch versions 7.0.x ant\u00e9rieures \u00e0 7.0.5","product":{"name":"FortiSwitch","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS 6.4.x toutes versions","product":{"name":"FortiOS","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiWeb 7.0.x toutes versions","product":{"name":"FortiWeb","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiSwitch 6.2.x toutes versions","product":{"name":"FortiSwitch","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiADC 6.2.x toutes versions","product":{"name":"FortiADC","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiMail versions 7.4.x ant\u00e9rieures \u00e0 7.4.1","product":{"name":"FortiMail","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiRecorder 2.6.x toutes versions","product":{"name":"FortiRecorder","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 3.2.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiSwitch versions 6.4.x ant\u00e9rieures \u00e0 6.4.11","product":{"name":"FortiSwitch","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiADC 6.0.x toutes versions","product":{"name":"FortiADC","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 7.1.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS 6.0.x toutes versions","product":{"name":"FortiOS","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiRecorder 2.7.x toutes versions","product":{"name":"FortiRecorder","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiSandbox 3.1.x toutes versions","product":{"name":"FortiSandbox","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiWeb versions 7.4.x ant\u00e9rieures \u00e0 7.4.1","product":{"name":"FortiWeb","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiADC 7.0.x toutes versions","product":{"name":"FortiADC","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 2.5.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiRecorder versions 6.4.x ant\u00e9rieures \u00e0 6.4.3","product":{"name":"FortiRecorder","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiSandbox 4.0.x toutes versions","product":{"name":"FortiSandbox","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiPortal versions 7.2.x ant\u00e9rieures \u00e0 7.2.1","product":{"name":"FortiPortal","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 3.9.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 4.1.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiNDR versions 7.0.x ant\u00e9rieures \u00e0 7.0.5","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiSandbox 3.2.x toutes versions","product":{"name":"FortiSandbox","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiNDR 1.2.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS 7.0.x toutes versions","product":{"name":"FortiOS","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 3.7.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiADC 7.1.x toutes versions","product":{"name":"FortiADC","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiMail 6.2.x toutes versions","product":{"name":"FortiMail","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 3.4.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS versions 6.2.x ant\u00e9rieures \u00e0 6.2.16","product":{"name":"FortiOS","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiWeb 6.3.x toutes versions","product":{"name":"FortiWeb","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS versions 7.2.x ant\u00e9rieures \u00e0 7.2.5","product":{"name":"FortiOS","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 2.7.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS versions 7.0.x ant\u00e9rieures \u00e0 7.0.6","product":{"name":"FortiOS","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 2.3.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiVoice versions 6.4.x ant\u00e9rieures \u00e0 6.4.8","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS versions 7.4.x ant\u00e9rieures \u00e0 7.4.1","product":{"name":"FortiOS","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 2.8.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiNDR 1.3.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiPortal versions 7.0.x ant\u00e9rieures \u00e0 7.0.7","product":{"name":"FortiPortal","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiNDR versions 7.1.x ant\u00e9rieures \u00e0 7.1.1","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiPAM versions 1.1.x ant\u00e9rieures \u00e0 1.1.1","product":{"name":"FortiPAM","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiProxy versions 7.0.x ant\u00e9rieures \u00e0 7.0.10","product":{"name":"FortiProxy","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiMail versions 6.4.x ant\u00e9rieures \u00e0 6.4.7","product":{"name":"FortiMail","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 7.2.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiADC versions 7.2.x ant\u00e9rieures \u00e0 7.2.3","product":{"name":"FortiADC","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiSwitch 6.0.x toutes versions","product":{"name":"FortiSwitch","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiProxy versions 7.2.x ant\u00e9rieures \u00e0 7.2.5","product":{"name":"FortiProxy","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiProxy versions 2.0.x ant\u00e9rieures \u00e0 2.0.13","product":{"name":"FortiProxy","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiProxy versions 7.2.x ant\u00e9rieures \u00e0 7.2.4","product":{"name":"FortiProxy","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 2.9.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiVoice versions 6.0.x ant\u00e9rieures \u00e0 6.0.12","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiADC 6.1.x toutes versions","product":{"name":"FortiADC","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS versions 6.4.x ant\u00e9rieures \u00e0 6.4.13","product":{"name":"FortiOS","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiPAM 1.0.x toutes versions","product":{"name":"FortiPAM","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 2.4.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiOS versions 7.0.x ant\u00e9rieures \u00e0 7.0.12","product":{"name":"FortiOS","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 4.0.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 4.2.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 3.1.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiNDR 1.5.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiWeb 6.2.x toutes versions","product":{"name":"FortiWeb","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiNDR 1.4.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiRecorder versions 6.0.x ant\u00e9rieures \u00e0 6.0.12","product":{"name":"FortiRecorder","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiPAM versions 1.1.x ant\u00e9rieures \u00e0 1.1.2","product":{"name":"FortiPAM","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 3.8.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 3.6.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiADC versions 7.4.x ant\u00e9rieures \u00e0 7.4.1","product":{"name":"FortiADC","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiSandbox versions 4.4.x ant\u00e9rieures \u00e0 4.4.3","product":{"name":"FortiSandbox","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 3.3.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiMail versions 7.0.x ant\u00e9rieures \u00e0 7.0.4","product":{"name":"FortiMail","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 3.0.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiWLM versions 8.6.x ant\u00e9rieures \u00e0 8.6.6","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiSandbox 4.2.x toutes versions","product":{"name":"FortiSandbox","vendor":{"name":"Fortinet","scada":false}}},{"description":"FortiTester 7.0.x toutes versions","product":{"name":"N/A","vendor":{"name":"Fortinet","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2023-47536","url":"https://www.cve.org/CVERecord?id=CVE-2023-47536"},{"name":"CVE-2023-47539","url":"https://www.cve.org/CVERecord?id=CVE-2023-47539"},{"name":"CVE-2023-40716","url":"https://www.cve.org/CVERecord?id=CVE-2023-40716"},{"name":"CVE-2023-41678","url":"https://www.cve.org/CVERecord?id=CVE-2023-41678"},{"name":"CVE-2023-46713","url":"https://www.cve.org/CVERecord?id=CVE-2023-46713"},{"name":"CVE-2023-48782","url":"https://www.cve.org/CVERecord?id=CVE-2023-48782"},{"name":"CVE-2023-41844","url":"https://www.cve.org/CVERecord?id=CVE-2023-41844"},{"name":"CVE-2023-41673","url":"https://www.cve.org/CVERecord?id=CVE-2023-41673"},{"name":"CVE-2022-27488","url":"https://www.cve.org/CVERecord?id=CVE-2022-27488"},{"name":"CVE-2023-48791","url":"https://www.cve.org/CVERecord?id=CVE-2023-48791"},{"name":"CVE-2023-36639","url":"https://www.cve.org/CVERecord?id=CVE-2023-36639"},{"name":"CVE-2023-45587","url":"https://www.cve.org/CVERecord?id=CVE-2023-45587"}],"links":[],"reference":"CERTFR-2023-AVI-1018","revisions":[{"description":"Version initiale","revision_date":"2023-12-13T00:00:00.000000"}],"risks":[{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Ex\u00e9cution de code arbitraire"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans <span\nclass=\"textit\">les produits Fortinet</span>. Certaines d'entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire,\nune injection de code indirecte \u00e0 distance (XSS), une atteinte \u00e0\nl'int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-138 du 12 d\u00e9cembre 2023","url":"https://www.fortiguard.com/psirt/FG-IR-23-138"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-270 du 12 d\u00e9cembre 2023","url":"https://www.fortiguard.com/psirt/FG-IR-23-270"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-214 du 12 d\u00e9cembre 2023","url":"https://www.fortiguard.com/psirt/FG-IR-23-214"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-196 du 12 d\u00e9cembre 2023","url":"https://www.fortiguard.com/psirt/FG-IR-23-196"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-360 du 12 d\u00e9cembre 2023","url":"https://www.fortiguard.com/psirt/FG-IR-23-360"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-439 du 12 d\u00e9cembre 2023","url":"https://www.fortiguard.com/psirt/FG-IR-23-439"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-425 du 12 d\u00e9cembre 2023","url":"https://www.fortiguard.com/psirt/FG-IR-23-425"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-038 du 12 d\u00e9cembre 2023","url":"https://www.fortiguard.com/psirt/FG-IR-22-038"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-256 du 12 d\u00e9cembre 2023","url":"https://www.fortiguard.com/psirt/FG-IR-23-256"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-22-345 du 12 d\u00e9cembre 2023","url":"https://www.fortiguard.com/psirt/FG-IR-22-345"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-432 du 12 d\u00e9cembre 2023","url":"https://www.fortiguard.com/psirt/FG-IR-23-432"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-23-450 du 12 d\u00e9cembre 2023","url":"https://www.fortiguard.com/psirt/FG-IR-23-450"}]}