{"id":4439,"date":"2023-03-11T13:08:10","date_gmt":"2023-03-11T12:08:10","guid":{"rendered":"https:\/\/sajberinfo.com\/?p=4439"},"modified":"2023-03-11T17:29:46","modified_gmt":"2023-03-11T16:29:46","slug":"fortinet-ispravlja-kriticnu-ranjivost","status":"publish","type":"post","link":"https:\/\/sajberinfo.com\/en\/2023\/03\/11\/fortinet-ispravlja-kriticnu-ranjivost\/","title":{"rendered":"Fortinet fixes critical vulnerability"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\"><em>Fortinet <\/em>fixes a critical buffer vulnerability in several versions of<em> FortiOS<\/em> and <em>FortiProxy<\/em>. The vulnerability could allow an attacker to execute arbitrary code or block access to the user interface, which could put users at risk.<\/span><\/p>\n<div id=\"attachment_4440\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-4440\" class=\"size-full wp-image-4440\" src=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/03\/Fortinet-ispravlja.jpg\" alt=\"Fortinet fixes\" width=\"1024\" height=\"626\" srcset=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/03\/Fortinet-ispravlja.jpg 1024w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/03\/Fortinet-ispravlja-300x183.jpg 300w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/03\/Fortinet-ispravlja-768x470.jpg 768w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2023\/03\/Fortinet-ispravlja-18x12.jpg 18w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><p id=\"caption-attachment-4440\" class=\"wp-caption-text\"><em>Fortinet fixes critical vulnerability; Design: Sa\u0161a \u0110uri\u0107<\/em><\/p><\/div>\n<h2><span style=\"font-size: 14pt;\"><strong>Vulnerability<\/strong><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\">The vulnerability is tracked as <a href=\"https:\/\/www.fortiguard.com\/psirt\/FG-IR-23-001\" target=\"_blank\" 
rel=\"noopener\"><em>CVE-2023-25610<\/em><\/a> (with a <em>CVSS<\/em> score of 9.3). It affects the administrative interface of the affected products and can be exploited for access without user authentication, either to execute arbitrary code or to cause a denial-of-service (<em>DoS<\/em>) condition.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Fortinet says it is not aware of this vulnerability being exploited in malicious attacks, but it is not unusual for malicious actors to exploit such flaws soon after security patches are released.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h3><span style=\"font-size: 14pt;\"><strong>Security patches<\/strong><\/span><\/h3>\n<p><span style=\"font-size: 14pt;\">Users should update all vulnerable versions of <em>FortiOS<\/em> and <em>FortiProxy<\/em> as soon as possible to protect their devices from attackers. The affected versions are:<\/span><\/p>\n<ul>\n<li><span style=\"font-size: 14pt;\"><em>FortiOS<\/em> version 7.2.0 through version 7.2.3<\/span><\/li>\n<li><span style=\"font-size: 14pt;\"><em>FortiOS<\/em> version 7.0.0 through version 7.0.9<\/span><\/li>\n<li><span style=\"font-size: 14pt;\"><em>FortiOS <\/em>version 6.4.0 through version 6.4.11<\/span><\/li>\n<li><span style=\"font-size: 14pt;\"><em>FortiOS <\/em>version 6.2.0 through version 6.2.12<\/span><\/li>\n<li><span style=\"font-size: 14pt;\"><em>FortiOS <\/em>0 all versions<\/span><\/li>\n<li><span style=\"font-size: 14pt;\"><em>FortiProxy <\/em>version 7.2.0 through version 7.2.2<\/span><\/li>\n<li><span style=\"font-size: 14pt;\"><em>FortiProxy <\/em>version 7.0.0 through version 7.0.8<\/span><\/li>\n<li><span style=\"font-size: 14pt;\"><em>FortiProxy <\/em>version 2.0.0 through version 2.0.11<\/span><\/li>\n<li><span style=\"font-size: 14pt;\"><em>FortiProxy <\/em>2 all versions<\/span><\/li>\n<li><span style=\"font-size: 14pt;\"><em>FortiProxy <\/em>1 
all versions<\/span><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><span style=\"font-size: 14pt;\">Users who cannot apply the update immediately can disable the <em>HTTP\/HTTPS<\/em> administrative interface or restrict the <em>IP<\/em> addresses allowed to access the interface.<\/span><\/p>","protected":false},"excerpt":{"rendered":"<p>Fortinet fixes a critical buffer vulnerability in several versions of FortiOS and FortiProxy. The vulnerability could allow an attacker to execute arbitrary code or block access to the user interface, which could put users at risk. Vulnerability The vulnerability is&#46;&#46;&#46;<\/p>","protected":false},"author":1,"featured_media":4440,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[284,285,286,126],"class_list":["post-4439","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hronike","tag-dos","tag-fortinet","tag-ranjivost","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/4439","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/comments?post=4439"}],"version-history":[{"count":0,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/4439\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media\/4440"}],"wp:attachment":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media?parent=4439"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2
\/categories?post=4439"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/tags?post=4439"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}