CVE-2022-23439

CWE-610

First published: Wed Jan 22 2025

An externally controlled reference to a resource in another sphere in Fortinet FortiManager before version 7.4.3, FortiMail before version 7.0.3, FortiAnalyzer before version 7.4.3, FortiVoice version 7.0.0, 7.0.1 and before 6.4.8, FortiProxy before version 7.0.4, FortiRecorder version 6.4.0 through 6.4.2 and before 6.0.10, FortiAuthenticator version 6.4.0 through 6.4.1 and before 6.3.3, FortiNDR version 7.2.0 before 7.1.0, FortiWLC before version 8.6.4, FortiPortal before version 6.0.9, FortiOS version 7.2.0 and before 7.0.5, FortiADC version 7.0.0 through 7.0.1 and before 6.2.3, FortiDDoS before version 5.5.1, FortiDDoS-F before version 6.3.3, FortiTester before version 7.2.1, FortiSOAR before version 7.2.2 and FortiSwitch before version 6.3.3 allows an attacker to poison web caches via crafted HTTP requests in which the `Host` header points to an arbitrary web server.

Credit: psirt@fortinet.com

Affected software                    | Affected version
-------------------------------------|------------------------
Fortinet FortiManager                | <7.4.3
Fortinet Fortimail-200d              | <7.0.3
Fortinet FortiAnalyzer               | <7.4.3
Fortinet FortiVoice Enterprise       | >=7.0.0 <7.0.1; <6.4.8
Fortinet FortiProxy                  | <7.0.4
Fortinet FortiRecorder 400D          | >=6.4.0 <6.4.2; <6.0.10
Fortinet FortiAuthenticator          | >=6.4.0 <6.4.1; <6.3.3
Fortinet FortiNDR                    | <7.1.0
Fortinet FortiWLC                    | <8.6.4
Fortinet FortiPortal                 | <6.0.9
Fortinet FortiOS IPS Engine          | <7.0.5; <7.2.0
Fortinet FortiADC                    | >=7.0.0 <7.0.1; <6.2.3
Fortinet FortiDDoS-F                 | <5.5.1
Fortinet FortiDDoS-F                 | <6.3.3
Fortinet FortiTester                 | <7.2.1
Fortinet FortiSOAR Imap Connector    | <7.2.2
Fortinet FortiSwitch                 | <6.3.3
Fortinet FortiADC                    | >=5.4.0 <6.2.4
Fortinet FortiAuthenticator          | >=6.3.0 <6.3.4
Fortinet FortiAuthenticator          | >=6.4.0 <6.4.2
Fortinet FortiDDoS-F                 | >=5.3.0 <5.5.2
Fortinet FortiDDoS-F                 | >=6.1.0 <6.3.4
Fortinet Fortimail-200d              | >=6.4.0 <7.0.4
Fortinet FortiNDR                    | >=1.4.0 <7.1.1
Fortinet FortiNDR                    | =7.2.0
Fortinet FortiProxy                  | >=2.0.0 <7.0.5
Fortinet FortiProxy                  | >=7.2.0 <7.4.0
Fortinet FortiRecorder 400D          | >=6.0.0 <6.0.11
Fortinet FortiRecorder 400D          | >=6.4.0 <6.4.3
Fortinet FortiSOAR Imap Connector    | >=6.4.0 <7.3.0
Fortinet FortiTester                 | >=3.7.0 <7.2.2
Fortinet FortiVoice Enterprise       | >=6.0.0 <6.4.9
Fortinet FortiWLC                    | >=8.6.0 <8.6.7
Fortinet FortiOS IPS Engine          | >=6.0.0 <7.0.6
Fortinet FortiOS IPS Engine          | >=7.2.0 <7.2.5
Fortinet FortiSwitch                 | >=6.4.0 <7.0.5

Remedy

FortiOS

  Administrative interface:
  • Upgrade to FortiOS version 7.0.6 or above, or FortiOS version 7.2.1 or above, AND
  • set the `admin-host` property to the device hostname, which disables `Host` redirection:

        config system global
            set admin-host <device hostname>
        end

    (CLI help for `admin-host`: "Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client's Host header for any redirection".)

  SSL VPN interface:
  • Upgrade to FortiOS version 7.4.0 or above, or FortiOS version 7.2.5 or above, AND
  • set the `server-hostname` property to the device hostname, which disables `Host` redirection for SSL VPN:

        config vpn ssl settings
            set server-hostname <device hostname>
        end

    (CLI help for `server-hostname`: "Server hostname for HTTPS. When set, will be used for SSL VPN web proxy host header for any redirection".)

  Webfilter interface (port 8008):
  • Upgrade to FortiOS version 7.4.0 or above, 7.2.5 or above, 7.0.12 or above, or 6.4.13 or above.

FortiProxy

  Administrative interface:
  • Upgrade to FortiProxy version 7.0.5 or above, AND
  • set the `admin-host` property to the device hostname, which disables `Host` redirection:

        config system global
            set admin-host <device hostname>
        end

  SSL VPN interface:
  • Upgrade to FortiProxy version 7.4.0 or above, AND
  • set the `server-hostname` property to the device hostname, which disables `Host` redirection for SSL VPN:

        config vpn ssl settings
            set server-hostname <device hostname>
        end

  WebFilter interface (port 8008):
  • Upgrade to FortiProxy version 7.4.0 or above.

FortiRecorder
  • Upgrade to FortiRecorder version 7.0.0 or above, 6.4.3 or above, or 6.0.11 or above.

FortiNDR
  • Upgrade to FortiNDR version 7.4.0 or above, 7.2.1 or above, or 7.1.1 or above, AND
  • set the `https-redirect-host` property to the device hostname, which disables `Host` redirection:

        config system global
            set https-redirect-host <device hostname>
        end

    (CLI help for `https-redirect-host`: "Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client's Host header for any redirection".)

FortiADC
  • Upgrade to FortiADC version 7.1.0 or above, 7.0.2 or above, or 6.2.4 or above, AND
  • set the `admin-host` property to the device hostname, which disables `Host` redirection:

        config system global
            set admin-host <device hostname>
        end

FortiDDoS-F
  • Upgrade to FortiDDoS-F version 6.4.0 or above, or 6.3.4 or above, AND
  • set the `admin-host` property to the device hostname, which disables `Host` redirection:

        config system global
            set admin-host <device hostname>
        end

FortiSwitch
  • Upgrade to FortiSwitch version 7.2.0 or above, 7.0.5 or above, or 6.4.11 or above.

FortiVoice
  • Upgrade to FortiVoice version 7.0.2 or above, or 6.4.9 or above.

FortiMail
  • Upgrade to FortiMail version 7.2.0 or above, or 7.0.4 or above.

FortiWLC
  • Upgrade to FortiWLC version 8.6.7 or above.

FortiAuthenticator
  • Upgrade to FortiAuthenticator version 6.4.2 or above, or 6.3.4 or above.

FortiDDoS
  • Upgrade to FortiDDoS version 5.6.0 or above, or 5.5.2 or above.

FortiSOAR
  • Upgrade to FortiSOAR version 7.3.0 or above.

FortiTester
  • Upgrade to FortiTester version 7.3.0 or above, or 7.2.2 or above.
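To verify that a FortiOS or FortiProxy CLI configuration export actually carries the `admin-host` and `server-hostname` settings the remedy asks for, and to show why they matter, here is an added Python example (not Fortinet's code and not from this advisory). The configuration text and hostnames are constructed, and `redirect_target` is a simplified model of the redirect behaviour the advisory describes, not the device's implementation.

```python
import re
from typing import Dict, List, Optional

# Config block -> setting the advisory says to set to the device hostname.
REQUIRED = {
    "config system global": "admin-host",          # administrative interface redirects
    "config vpn ssl settings": "server-hostname",  # SSL VPN web portal redirects
}


def audit_config(cfg: str) -> Dict[str, Optional[str]]:
    """Return {setting: value} for each required setting; None means missing or empty."""
    found: Dict[str, Optional[str]] = {name: None for name in REQUIRED.values()}
    stack: List[str] = []  # tracks nested 'config ... / end' blocks
    for line in cfg.splitlines():
        s = line.strip()
        if s.startswith("config "):
            stack.append(s)
        elif s == "end" and stack:
            stack.pop()
        elif stack and stack[-1] in REQUIRED:
            m = re.match(r'set\s+(\S+)\s+"?([^"]*)"?$', s)
            if m and m.group(1) == REQUIRED[stack[-1]] and m.group(2).strip():
                found[m.group(1)] = m.group(2).strip()
    return found


def redirect_target(client_host: str, admin_host: Optional[str], path: str = "/") -> str:
    """Simplified model: with admin-host unset, the client-supplied Host header is
    reflected into the redirect Location (the cache-poisoning vector); with it
    set, the configured device hostname is used instead."""
    host = admin_host if admin_host else client_host
    return f"https://{host}{path}"


# Constructed config export: admin-host is set, server-hostname is missing.
CONSTRUCTED_CFG = """\
config system global
    set admin-host "fw1.corp.example"
    set admintimeout 5
end
config vpn ssl settings
    set servercert "Fortinet_Factory"
end
"""

if __name__ == "__main__":
    result = audit_config(CONSTRUCTED_CFG)
    for setting, value in result.items():
        print(f"{setting}: {'set to ' + value if value else 'NOT SET'}")
    print(redirect_target("untrusted.example", result["admin-host"], "/login"))
```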


Frequently Asked Questions

  • What is the severity of CVE-2022-23439?

    CVE-2022-23439 is classified with a medium severity level, indicating a potential risk to affected systems.

  • How can I mitigate CVE-2022-23439?

    To remediate CVE-2022-23439, upgrade affected Fortinet products to versions released after 7.4.3 for FortiManager and FortiAnalyzer, 7.0.3 for FortiMail, and other respective versions for other products.

  • Which Fortinet products are affected by CVE-2022-23439?

    CVE-2022-23439 affects FortiManager, FortiMail, FortiAnalyzer, FortiVoice, FortiProxy, FortiRecorder, among others.

  • Is there a known exploit for CVE-2022-23439?

    There is currently no public information regarding known exploits specifically targeting CVE-2022-23439.

  • What types of vulnerabilities does CVE-2022-23439 represent?

    CVE-2022-23439 represents an externally controlled reference to a resource in another sphere, which can lead to unauthorized access in affected Fortinet systems.

© 2025 SecAlerts Pty Ltd.