CVE-2022-23439

Description

An externally controlled reference to a resource in another sphere in Fortinet FortiManager before version 7.4.3, FortiMail before version 7.0.3, FortiAnalyzer before version 7.4.3, FortiVoice version 7.0.0, 7.0.1 and before 6.4.8, FortiProxy before version 7.0.4, FortiRecorder version 6.4.0 through 6.4.2 and before 6.0.10, FortiAuthenticator version 6.4.0 through 6.4.1 and before 6.3.3, FortiNDR version 7.2.0 before 7.1.0, FortiWLC before version 8.6.4, FortiPortal before version 6.0.9, FortiOS version 7.2.0 and before 7.0.5, FortiADC version 7.0.0 through 7.0.1 and before 6.2.3, FortiDDoS before version 5.5.1, FortiDDoS-F before version 6.3.3, FortiTester before version 7.2.1, FortiSOAR before version 7.2.2 and FortiSwitch before version 6.3.3 allows an attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver. The affected web interfaces build the redirect target from the client-supplied `Host` header, so a redirect stored by an intermediate cache can send later clients to an attacker-controlled server.

Remediation

Solution:

  • FortiOS, administrative interface: upgrade to FortiOS version 7.0.6 or above, or 7.2.1 or above, AND set the `admin-host` property to the device hostname, which disables Host redirection:

        config system global
            set admin-host <device hostname>
        end

    The CLI help for `admin-host` reads: "Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client's Host header for any redirection".

  • FortiOS, SSL VPN interface: upgrade to FortiOS version 7.4.0 or above, or 7.2.5 or above, AND set the `server-hostname` property to the device hostname, which disables Host redirection for SSL VPN:

        config vpn ssl settings
            set server-hostname <device hostname>
        end

    The CLI help for `server-hostname` reads: "Server hostname for HTTPS. When set, will be used for SSL VPN web proxy host header for any redirection."

  • FortiOS, web filter interface (port 8008): upgrade to FortiOS version 7.4.0, 7.2.5, 7.0.12 or 6.4.13 or above.

  • FortiProxy, administrative interface: upgrade to FortiProxy version 7.0.5 or above AND set `admin-host` to the device hostname under `config system global`, as for FortiOS above.

  • FortiProxy, SSL VPN interface: upgrade to FortiProxy version 7.4.0 or above AND set `server-hostname` to the device hostname under `config vpn ssl settings`, as for FortiOS above.

  • FortiProxy, web filter interface (port 8008): upgrade to FortiProxy version 7.4.0 or above.

  • FortiRecorder: upgrade to FortiRecorder version 7.0.0, 6.4.3 or 6.0.11 or above.

  • FortiNDR: upgrade to FortiNDR version 7.4.0, 7.2.1 or 7.1.1 or above AND set the `https-redirect-host` property to the device hostname, which disables Host redirection:

        config system global
            set https-redirect-host <device hostname>
        end

    The CLI help for `https-redirect-host` reads: "Administrative host for HTTP and HTTPs. When set, will be used in lieu of the client's Host header for any redirection".

  • FortiADC: upgrade to FortiADC version 7.1.0, 7.0.2 or 6.2.4 or above AND set `admin-host` to the device hostname under `config system global`, as for FortiOS above.

  • FortiDDoS-F: upgrade to FortiDDoS-F version 6.4.0 or 6.3.4 or above AND set `admin-host` to the device hostname under `config system global`, as for FortiOS above.

  • FortiSwitch: upgrade to FortiSwitch version 7.2.0, 7.0.5 or 6.4.11 or above.

  • FortiVoice: upgrade to FortiVoice version 7.0.2 or 6.4.9 or above.

  • FortiMail: upgrade to FortiMail version 7.2.0 or 7.0.4 or above.

  • FortiWLC: upgrade to FortiWLC version 8.6.7 or above.

  • FortiAuthenticator: upgrade to FortiAuthenticator version 6.4.2 or 6.3.4 or above.

  • FortiDDoS: upgrade to FortiDDoS version 5.6.0 or 5.5.2 or above.

  • FortiSOAR: upgrade to FortiSOAR version 7.3.0 or above.

  • FortiTester: upgrade to FortiTester version 7.3.0 or 7.2.2 or above.

No fixed version is listed on this page for FortiManager, FortiAnalyzer or FortiPortal, although the description names them as affected.
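A quick way to confirm whether a device's redirect still trusts the client's `Host` header, both before patching and after setting `admin-host` / `server-hostname` / `https-redirect-host` as described above, is to send one request with a hostname you control and check whether the `Location` header points back at it. The script below is an added example, not Fortinet code and not part of the original advisory; `CANARY_HOST` is a hypothetical attacker-controlled name, the target, port and path are whatever you point it at, and the sample responses are constructed for offline use rather than captured from a real device.

```python
"""Check whether an HTTP redirect reflects an attacker-supplied Host header.

Added example for CVE-2022-23439 style Host-header redirect poisoning.
Not Fortinet code. Assumes the interface answers a plain GET with a 3xx
whose Location is built from the request's Host header.
"""
import http.client
import ssl
import sys
from urllib.parse import urlsplit

# Hypothetical attacker-controlled hostname used as the injected Host value.
CANARY_HOST = "cache-poison-canary.invalid"


def redirect_target_host(status, headers):
    """Return the lowercased hostname from a 3xx Location header, or None.

    headers is a list of (name, value) pairs as returned by
    http.client.HTTPResponse.getheaders(). A relative Location (no scheme
    or authority) yields None because it cannot point at another origin.
    """
    if not 300 <= status < 400:
        return None
    location = next((v for k, v in headers if k.lower() == "location"), None)
    if location is None:
        return None
    host = urlsplit(location).hostname  # drops scheme, userinfo, port, path
    return host.lower() if host else None


def reflects_injected_host(status, headers, injected_host=CANARY_HOST):
    """True when the redirect sends the client to the Host value we supplied."""
    return redirect_target_host(status, headers) == injected_host.lower()


def probe(target, port=443, path="/", injected_host=CANARY_HOST, timeout=5.0):
    """Send one request with a spoofed Host header and classify the answer.

    Returns (status, location, reflected). Certificate verification is
    disabled on purpose: management interfaces commonly present
    self-signed certificates and this check does not rely on TLS identity.
    """
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    conn = http.client.HTTPSConnection(target, port, timeout=timeout, context=ctx)
    try:
        # Supplying Host ourselves makes http.client skip its own Host header.
        conn.request("GET", path, headers={"Host": injected_host,
                                           "User-Agent": "host-redirect-check"})
        resp = conn.getresponse()
        status, headers = resp.status, resp.getheaders()
    finally:
        conn.close()
    location = next((v for k, v in headers if k.lower() == "location"), None)
    return status, location, reflects_injected_host(status, headers, injected_host)


# Constructed sample responses (not captured from a real device).
VULNERABLE_RESPONSE = (302, [("Location", "https://cache-poison-canary.invalid/login"),
                             ("Content-Length", "0")])
VULNERABLE_WITH_PORT = (302, [("Location", "https://Cache-Poison-Canary.invalid:8443/login")])
FIXED_RESPONSE = (302, [("Location", "https://fw01.example.net/login"),
                        ("Content-Length", "0")])
RELATIVE_RESPONSE = (302, [("Location", "/login")])
NOT_A_REDIRECT = (200, [("Content-Type", "text/html")])

if __name__ == "__main__":
    if len(sys.argv) > 1:
        status, location, reflected = probe(sys.argv[1])
        print(status, location, "REFLECTS HOST HEADER" if reflected else "ok")
    else:
        for label, sample in [("vulnerable", VULNERABLE_RESPONSE),
                              ("vulnerable, port", VULNERABLE_WITH_PORT),
                              ("fixed", FIXED_RESPONSE),
                              ("relative", RELATIVE_RESPONSE),
                              ("no redirect", NOT_A_REDIRECT)]:
            print(f"{label:18} reflected={reflects_injected_host(*sample)}")
```

Run it with no arguments to see the classification on the constructed samples, or with a hostname or IP to probe a device (`python3 check.py fw01.example.net`). A `Location` whose host equals the canary means the interface is still building redirects from the client's `Host` header; after the fix the target should be the configured device hostname regardless of what the request carried. Check each exposed listener separately (admin port, SSL VPN port, the port 8008 web filter interface), since the remediation above treats them as distinct.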

Category

CVSS 3.1 base score: 4.7 (Severity: Medium)
EPSS: 0.07%
Affected: Fortinet FortiTester
Affected: Fortinet FortiOS
Affected: Fortinet FortiMail
Affected: Fortinet FortiSwitch
Affected: Fortinet FortiDDoS-F
Affected: Fortinet FortiProxy
Affected: Fortinet FortiRecorder
Affected: Fortinet FortiNDR
Affected: Fortinet FortiADC
Affected: Fortinet FortiManager
Affected: Fortinet FortiSOAR
Affected: Fortinet FortiVoice
Affected: Fortinet FortiDDoS
Affected: Fortinet FortiWLC
Affected: Fortinet FortiAnalyzer
Affected: Fortinet FortiPortal
Affected: Fortinet FortiAuthenticator
Published at:
Updated at:

References

Frequently Asked Questions

What is the severity of CVE-2022-23439?
CVE-2022-23439 has been scored as a medium severity vulnerability.
How to fix CVE-2022-23439?
To fix CVE-2022-23439: upgrade each affected product to a fixed release and, where the product exposes the setting, pin the hostname used for redirects to the device hostname so that the client's `Host` header is no longer used: `admin-host` under `config system global` for FortiOS, FortiProxy, FortiADC and FortiDDoS-F; `server-hostname` under `config vpn ssl settings` for the FortiOS and FortiProxy SSL VPN interface; and `https-redirect-host` under `config system global` for FortiNDR. The full list of fixed versions per product and interface is given in the Remediation section above.
Is CVE-2022-23439 being actively exploited in the wild?
As of now, there is no information confirming that CVE-2022-23439 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-23439?
CVE-2022-23439 affects Fortinet FortiTester, Fortinet FortiOS, Fortinet FortiMail, Fortinet FortiSwitch, Fortinet FortiDDoS-F, Fortinet FortiProxy, Fortinet FortiRecorder, Fortinet FortiNDR, Fortinet FortiADC, Fortinet FortiManager, Fortinet FortiSOAR, Fortinet FortiVoice, Fortinet FortiDDoS, Fortinet FortiWLC, Fortinet FortiAnalyzer, Fortinet FortiPortal, Fortinet FortiAuthenticator.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.