Unrated severityNVD Advisory· Published Jan 22, 2025· Updated Jan 14, 2026
CVE-2022-23439
CVE-2022-23439
Description
A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via crafted HTTP requests, where the Host header points to an arbitrary webserver
Affected products
17- Fortinet/FortiAuthenticatorv5cpe:2.3:a:fortinet:fortiauthenticator:6.4.1:*:*:*:*:*:*:*Range: 6.4.0
- Fortinet/FortiPortalv5cpe:2.3:a:fortinet:fortiportal:6.0.9:*:*:*:*:*:*:*Range: 6.0.0
- Fortinet/FortiRecorderv5cpe:2.3:a:fortinet:fortirecorder:6.4.2:*:*:*:*:*:*:*Range: 6.4.0
- Fortinet/FortiSOAR on-premisev5cpe:2.3:a:fortinet:fortisoaron-premise:7.2.2:*:*:*:*:*:*:*Range: 7.2.0
- Fortinet/FortiSwitchv5cpe:2.3:a:fortinet:fortiswitch:7.0.4:*:*:*:*:*:*:*Range: 7.0.0
- Fortinet/FortiTesterv5cpe:2.3:a:fortinet:fortitester:7.2.1:*:*:*:*:*:*:*Range: 7.2.0
- Fortinet/FortiWLCv5cpe:2.3:a:fortinet:fortiwlc:8.6.7:*:*:*:*:*:*:*Range: 8.6.0
- Fortinet/FortiADCv5cpe:2.3:h:fortinet:fortiadc:7.0.1:*:*:*:*:*:*:*Range: 7.0.0
- Fortinet/FortiDDoSv5cpe:2.3:o:fortinet:fortiddos:5.5.1:*:*:*:*:*:*:*Range: 5.5.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.