SB2023021710 - Two vulnerabilities in FortiOS

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Cross-site scripting (CVE-ID: CVE-2022-41334)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data passed via the "redir" parameter of the Login page when the "Sign in with FortiCloud" button is clicked. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

2) Improper Certificate Validation (CVE-ID: CVE-2022-39948)

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to improper certificate validation when establishing secure connections with threat feed fabric connectors. A remote attacker can perform MitM attack on the communication channel between the affected device and remote servers hosting threat feeds.

Remediation

Install update from vendor's website.

References

• https://fortiguard.com/psirt/FG-IR-22-224
• https://fortiguard.com/psirt/FG-IR-22-257