CVE-2022-23446

A improper control of a resource through its lifetime in Fortinet FortiEDR version 5.0.3 and earlier allows attacker to make the whole application unresponsive via changing its root directory access permission.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.4 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
fortinetfortiedr
4.0.0
fortinetfortiedr
5.0.0
fortinetfortiedr
5.0.1
fortinetfortiedr
5.0.2
𝑥
= Vulnerable software versions
References
https://fortiguard.com/psirt/FG-IR-22-052
https://fortiguard.com/psirt/FG-IR-22-052