What is the vulnerability ID of this Fortinet FortiEDR vulnerability?

The vulnerability ID of this Fortinet FortiEDR vulnerability is CVE-2022-29057.

What is the severity rating of CVE-2022-29057?

CVE-2022-29057 has a severity rating of 5.4 (Medium).

What is the affected software version and patch level for CVE-2022-29057?

CVE-2022-29057 affects Fortinet FortiEDR version 5.1.0, and versions 5.0.0 through 5.0.3 Patch 6 and 4.0.0.

How does CVE-2022-29057 impact Fortinet FortiEDR?

CVE-2022-29057 allows a remote authenticated attacker to perform a reflected cross-site scripting (XSS) attack on Fortinet FortiEDR by injecting a malicious payload into the Man...

Is there a patch available to fix CVE-2022-29057?

Yes, Fortinet has released patches to address CVE-2022-29057. It is recommended to apply the latest patch for the affected Fortinet FortiEDR versions.

Vulnerability/
CVE-2022-29057

medium

5.4

CWE

18/7/2022

22/10/2024

CVE-2022-29057: XSS

First published: Mon Jul 18 2022(Updated: )

A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiEDR version 5.1.0, 5.0.0 through 5.0.3 Patch 6 and 4.0.0 allows a remote authenticated attacker to perform a reflected cross site scripting attack (XSS) by injecting malicious payload into the Management Console via various endpoints.

Credit: psirt@fortinet.com

Affected Software	Affected Version	How to fix
Fortinet Fortiedr	>=5.0.0<5.0.3
Fortinet Fortiedr	=4.0.0
Fortinet Fortiedr	=5.0.3
Fortinet Fortiedr	=5.0.3-patch1
Fortinet Fortiedr	=5.0.3-patch2
Fortinet Fortiedr	=5.0.3-patch3
Fortinet Fortiedr	=5.0.3-patch4
Fortinet Fortiedr	=5.0.3-patch5
Fortinet Fortiedr	=5.0.3-patch6
Fortinet Fortiedr	=5.1.0

Never miss a vulnerability like this again

Reference Links

https://fortiguard.com/psirt/FG-IR-22-077

Frequently Asked Questions

What is the vulnerability ID of this Fortinet FortiEDR vulnerability?
The vulnerability ID of this Fortinet FortiEDR vulnerability is CVE-2022-29057.
What is the severity rating of CVE-2022-29057?
CVE-2022-29057 has a severity rating of 5.4 (Medium).
What is the affected software version and patch level for CVE-2022-29057?
CVE-2022-29057 affects Fortinet FortiEDR version 5.1.0, and versions 5.0.0 through 5.0.3 Patch 6 and 4.0.0.
How does CVE-2022-29057 impact Fortinet FortiEDR?
CVE-2022-29057 allows a remote authenticated attacker to perform a reflected cross-site scripting (XSS) attack on Fortinet FortiEDR by injecting a malicious payload into the Man...
Is there a patch available to fix CVE-2022-29057?
Yes, Fortinet has released patches to address CVE-2022-29057. It is recommended to apply the latest patch for the affected Fortinet FortiEDR versions.

collector/nvd-index
agent/references
agent/weakness
agent/severity
agent/author
agent/type
agent/event
agent/description
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
agent/tags
collector/mitre-cve
source/MITRE
vendor/fortinet
canonical/fortinet fortiedr
version/fortinet fortiedr/5.0.0
version/fortinet fortiedr/4.0.0
version/fortinet fortiedr/5.0.3
version/fortinet fortiedr/5.0.3-patch1
version/fortinet fortiedr/5.0.3-patch2
version/fortinet fortiedr/5.0.3-patch3
version/fortinet fortiedr/5.0.3-patch4
version/fortinet fortiedr/5.0.3-patch5
version/fortinet fortiedr/5.0.3-patch6
version/fortinet fortiedr/5.1.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.