<?xml version="1.0" encoding="UTF-8"?>
<cvrf:cvrfdoc xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:cvrf-common="http://docs.oasis-open.org/csaf/ns/csaf-cvrf/v1.2/common" xmlns:cvrf="http://docs.oasis-open.org/csaf/ns/csaf-cvrf/v1.2/cvrf">
    <cvrf:DocumentTitle>Format string vulnerability in command line interpreter</cvrf:DocumentTitle>
    <cvrf:DocumentType>Fortinet PSIRT Advisories</cvrf:DocumentType>
    <cvrf:DocumentPublisher Type="Vendor">
        <cvrf:ContactDetails>
            Fortinet PSIRT Contact:
            Website: https://fortiguard.fortinet.com/faq/psirt-contact
        </cvrf:ContactDetails>
     </cvrf:DocumentPublisher>
    <cvrf:DocumentTracking>
        <cvrf:Identification>
            <cvrf:ID>FG-IR-21-235</cvrf:ID>
        </cvrf:Identification>
        <cvrf:Status>Final</cvrf:Status>
        <cvrf:Version>1</cvrf:Version>
        <cvrf:RevisionHistory>
            <cvrf:Revision>
                <cvrf:Number>1</cvrf:Number>
                <cvrf:Date>2022-08-02T00:00:00</cvrf:Date>
                <cvrf:Description>Current version</cvrf:Description>
        </cvrf:Revision>
       </cvrf:RevisionHistory>
        <cvrf:InitialReleaseDate>2022-08-02T00:00:00</cvrf:InitialReleaseDate>
        <cvrf:CurrentReleaseDate>2022-08-02T00:00:00</cvrf:CurrentReleaseDate>
    </cvrf:DocumentTracking>
    <cvrf:DocumentNotes>
        <cvrf:Note Title="Summary" Type="Summary" Ordinal="1">
            A format string vulnerability [CWE-134] in the command line interpreter of FortiOS, FortiOS-6K7K, FortiProxy, FortiADC, and FortiMail may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments.
        </cvrf:Note>
        <cvrf:Note Title="Description" Type="General" Ordinal="2">
            None
        </cvrf:Note>
        <cvrf:Note Title="Impact" Type="General" Ordinal="3">
            Execute unauthorized code or commands
        </cvrf:Note>
        <cvrf:Note Title="Affected Products" Type="General" Ordinal="4">
            FortiADC version 6.0.0 through 6.0.4
            FortiADC version 6.1.0 through 6.1.5
            FortiADC version 6.2.0 through 6.2.1
            FortiProxy version 1.0.0 through 1.0.7
            FortiProxy version 1.1.0 through 1.1.6
            FortiProxy version 1.2.0 through 1.2.13
            FortiProxy version 2.0.0 through 2.0.7
            FortiProxy version 7.0.0 through 7.0.1
            FortiOS version 5.0.0 through 5.0.14
            FortiOS version 5.2.0 through 5.2.15
            FortiOS version 5.4.0 through 5.4.13
            FortiOS version 5.6.0 through 5.6.14
            FortiOS version 6.0.0 through 6.0.14
            FortiOS version 6.2.0 through 6.2.10
            FortiOS version 6.4.0 through 6.4.8
            FortiOS version 7.0.0 through 7.0.2
            FortiOS-6K7K version 6.0.10
            FortiOS-6K7K version 6.0.12 through 6.0.16
            FortiOS-6K7K version 6.2.4
            FortiOS-6K7K version 6.2.6 through 6.2.7
            FortiOS-6K7K version 6.2.9 through 6.2.13
            FortiOS-6K7K version 6.4.2
            FortiOS-6K7K version 6.4.6
            FortiMail version 6.4.0 through 6.4.5
            FortiMail version 7.0.0 through 7.0.2
        </cvrf:Note>
        <cvrf:Note Title="Solutions" Type="General" Ordinal="5">
            Upgrade to FortiOS 7.0.4 or above.
            Upgrade to FortiOS 6.4.9 or above.
            Upgrade to FortiOS 6.2.11 or above.
            Upgrade to FortiOS 6.0.15 or above.
            Please upgrade to FortiOS-6K7K version 6.4.8 or above.
            Upgrade to FortiProxy 7.0.2 or above.
            Upgrade to FortiProxy 2.0.8 or above.
            Fixes for FortiProxy 1.2, 1.1 and 1.0 are not planned.
            Upgrade to FortiADC 7.0.1 or above.
            Upgrade to FortiADC 6.2.3 or above.
            Upgrade to FortiMail 6.4.6 or above.
            Upgrade to FortiMail 7.0.3 or above.
            Upgrade to FortiMail 7.2.0 or above.
        </cvrf:Note>
    </cvrf:DocumentNotes>
    <cvrf:Acknowledgments>
        <cvrf:Acknowledgment>
            <cvrf:Description>Internally discovered and reported by Gwendal Guégniaud of Fortinet Product Security Team.</cvrf:Description>
        </cvrf:Acknowledgment>
    </cvrf:Acknowledgments>
    <Vulnerability Ordinal="1">
        <Title>Format string vulnerability in command line interpreter</Title>
        <cvrf:CVE>CVE-2022-22299</cvrf:CVE>
        <!-- CVSS v3.1 scoring for this vulnerability. The vector describes a local attack
             (AV:L) of low complexity (AC:L) by a low-privileged user (PR:L) with no user
             interaction (UI:N) and high impact on confidentiality, integrity and availability.
             E:P, RL:U and RC:C are temporal metrics, not base metrics. -->
        <!-- NOTE(review): 7.4 is the score this vector yields once the temporal metrics are
             applied (E:P lowers it); the base metrics alone score 7.8. Because the value is
             carried in BaseScoreV3, consumers that prioritise on base score should recompute
             it from VectorV3. Confirm the intended value against the vendor advisory. -->
        <!-- NOTE(review): RL:U records that no remediation was available when the vector was
             scored, while the Solutions note of this document lists fixed releases. Treat the
             temporal part of the vector as a point-in-time value. -->
        <!-- NOTE(review): CVSSScoreSets and its children are unprefixed and the root element
             declares no default namespace, so they are in no namespace. CVRF 1.2 defines these
             elements in its vuln namespace, so a schema-validating or namespace-aware consumer
             may not find them. Verify how the ingesting tool resolves these names. -->
        <CVSSScoreSets>
            <ScoreSetV3>
                <BaseScoreV3>7.4</BaseScoreV3>
                <VectorV3>CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C</VectorV3>
            </ScoreSetV3>
        </CVSSScoreSets>
        <References Type="Self">
            <Reference>
                <URL>https://fortiguard.fortinet.com/psirt/FG-IR-21-235</URL>
                <Description>Format string vulnerability in command line interpreter</Description>
            </Reference>
        </References>
    </Vulnerability>
</cvrf:cvrfdoc>