How severe is CVE-2022-23439?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.1 out of 10.

What type of vulnerability is CVE-2022-23439?

This is classified as CWE-610, which is a common weakness in software security.

CVE-2022-23439 - MEDIUM Severity | CVSS 6.1

Vulnerability Description

A externally controlled reference to a resource in another sphere in Fortinet FortiManager before version 7.4.3, FortiMail before version 7.0.3, FortiAnalyzer before version 7.4.3, FortiVoice version 7.0.0, 7.0.1 and before 6.4.8, FortiProxy before version 7.0.4, FortiRecorder version 6.4.0 through 6.4.2 and before 6.0.10, FortiAuthenticator version 6.4.0 through 6.4.1 and before 6.3.3, FortiNDR version 7.2.0 before 7.1.0, FortiWLC before version 8.6.4, FortiPortal before version 6.0.9, FortiOS version 7.2.0 and before 7.0.5, FortiADC version 7.0.0 through 7.0.1 and before 6.2.3 , FortiDDoS before version 5.5.1, FortiDDoS-F before version 6.3.3, FortiTester before version 7.2.1, FortiSOAR before version 7.2.2 and FortiSwitch before version 6.3.3 allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver

Related Vulnerabilities

CVE-2024-24818

MEDIUM

CVSS:5.9(Medium)

EspoCRM is an Open Source Customer Relationship Management software. An attacker can inject arbitrary IP or domain in "Password Change" page and redirect victim to malicious page that could lead to cr...

CWE-6102024

CVE-2025-1225

MEDIUM

CVSS:6.3(Medium)

A vulnerability, which was classified as problematic, has been found in ywoa up to 2024.07.03. This issue affects the function extract of the file c-main/src/main/java/com/redmoon/weixin/aes/XMLParse....

CWE-6102025

CVE-2025-2365

MEDIUM

CVSS:6.3(Medium)

A vulnerability, which was classified as problematic, has been found in crmeb_java up to 1.3.4. Affected by this issue is the function webHook of the file WeChatMessageController.java. The manipulatio...

CWE-6102025

CVE-2025-3241

MEDIUM

CVSS:6.3(Medium)

A vulnerability, which was classified as problematic, was found in zhangyanbo2007 youkefu up to 4.2.0. This affects an unknown part of the file src/main/java/com/ukefu/webim/web/handler/admin/callcent...

CWE-6102025

CVE-2020-8226

MEDIUM

CVSS:5.8(Medium)

A vulnerability exists in phpBB <v3.2.10 and <v3.3.1 which allowed remote image dimensions check to be used to SSRF.

CWE-6102020

CVE-2024-7625

MEDIUM

CVSS:5.8(Medium)

In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocatio...

CWE-6102024