FortiSandbox 4.x Improper Privilege Mgmt Enables Authenticated API Abuse
CVE-2022-27487 Published on April 11, 2023
A improper privilege management in Fortinet FortiSandbox version 4.2.0 through 4.2.2, 4.0.0 through 4.0.2 and before 3.2.3 and FortiDeceptor version 4.1.0, 4.0.0 through 4.0.2 and before 3.3.3 allows a remote authenticated attacker to perform unauthorized API calls via crafted HTTP or HTTPS requests.
Vulnerability Analysis
CVE-2022-27487 can be exploited with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
Improper Privilege Management
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Products Associated with CVE-2022-27487
stack.watch emails you whenever new vulnerabilities are published in Fortinet Fortideceptor or Fortinet Fortisandbox. Just hit a watch button to start following.
Affected Versions
Fortinet FortiDeceptor:- Version 4.1.0 is affected.
- Version 4.0.0, <= 4.0.2 is affected.
- Version 3.3.0, <= 3.3.3 is affected.
- Version 3.2.0, <= 3.2.2 is affected.
- Version 3.1.0, <= 3.1.1 is affected.
- Version 3.0.0, <= 3.0.2 is affected.
- Version 2.1.0 is affected.
- Version 2.0.0 is affected.
- Version 1.1.0 is affected.
- Version 1.0.0, <= 1.0.1 is affected.
- Version 4.2.0, <= 4.2.2 is affected.
- Version 4.0.0, <= 4.0.2 is affected.
- Version 3.2.0, <= 3.2.3 is affected.
- Version 3.1.0, <= 3.1.5 is affected.
- Version 3.0.0, <= 3.0.7 is affected.
- Version 2.5.0, <= 2.5.2 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.