{"id":7182,"date":"2022-08-01T16:41:18","date_gmt":"2022-08-01T21:41:18","guid":{"rendered":"https:\/\/etek.com\/es\/?p=6070"},"modified":"2022-08-01T16:41:18","modified_gmt":"2022-08-01T21:41:18","slug":"vulnerabilidades-en-productos-fortinet","status":"publish","type":"post","link":"https:\/\/etek.com\/es\/vulnerabilidades-en-productos-fortinet\/","title":{"rendered":"Vulnerabilidades en productos Fortinet"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"7182\" class=\"elementor elementor-7182\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-6f156879 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"6f156879\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-49960ed8\" data-id=\"49960ed8\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-525a2f8e elementor-widget elementor-widget-text-editor\" data-id=\"525a2f8e\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.20.0 - 13-03-2024 *\/\n.elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:#69727d;color:#fff}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap{color:#69727d;border:3px solid;background-color:transparent}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap{margin-top:8px}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap-letter{width:1em;height:1em}.elementor-widget-text-editor .elementor-drop-cap{float:left;text-align:center;line-height:1;font-size:50px}.elementor-widget-text-editor .elementor-drop-cap-letter{display:inline-block}<\/style>\t\t\t\t<!-- wp:paragraph -->\n<p><\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p>Escrito por;<strong>Melanie Malagon<\/strong>&#8211; Cyber Intelligence Expert<\/p>\n<!-- \/wp:paragraph -->\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-bb3b749 elementor-widget elementor-widget-heading\" data-id=\"bb3b749\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.20.0 - 13-03-2024 *\/\n.elementor-heading-title{padding:0;margin:0;line-height:1}.elementor-widget-heading .elementor-heading-title[class*=elementor-size-]>a{color:inherit;font-size:inherit;line-height:inherit}.elementor-widget-heading .elementor-heading-title.elementor-size-small{font-size:15px}.elementor-widget-heading .elementor-heading-title.elementor-size-medium{font-size:19px}.elementor-widget-heading .elementor-heading-title.elementor-size-large{font-size:29px}.elementor-widget-heading .elementor-heading-title.elementor-size-xl{font-size:39px}.elementor-widget-heading .elementor-heading-title.elementor-size-xxl{font-size:59px}<\/style><h6 class=\"elementor-heading-title elementor-size-default\">Fortinet ha publicado nuevos avisos de seguridad que contiene vulnerabilidades que afentan los productos: FortiOS, FortiDeceptor, FortiAnalyzer y FortiManager-<\/h6>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4ab3938 elementor-widget elementor-widget-text-editor\" data-id=\"4ab3938\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><strong>Severidad<\/strong> <strong>Alta:<\/strong><\/p>\n<h6>CVE-2022-26117 &#8211; FortiNAC<\/h6>\n<p>Permite que un atacante autenticado acceda a las bases de datos MySQL a trav\u00e9s de la CLI esto por una contrase\u00f1a vac\u00eda en la vulnerabilidad del archivo de configuraci\u00f3n en FortiNAC .<\/p>\n<h6>CVE-2022-30302 &#8211; FortiDeceptor<\/h6>\n<p>Permite que un atacante remoto y autenticado recupere y elimine archivos arbitrarios.<\/p>\n<h6>CVE-2021-43072 &#8211; FortiOS<\/h6>\n<p>Puede generar desbordamiento de b\u00fafer basado en la stack a trav\u00e9s del comando de ejecuci\u00f3n CLI dise\u00f1ado.<\/p>\n<h5>Severidad Media:<\/h5>\n<h6><strong>CVE-2022-27483 &#8211; FortiAnalyzer -FortiManager<\/strong><\/h6>\n<p>Permite generar inyecci\u00f3n de comandos del sistema operativo en CLI.<\/p>\n<h6>CVE-2022-26118 &#8211; FortiAnalyzer<\/h6>\n<p>Un usuario local puede tener acceso al sistema y generar escalaci\u00f3n de privilegios.<\/p>\n<p>\u00a0<\/p>\n<h5>RECOMENDACIONES<\/h5>\n<p>Generar las actualizaciones que el fabricante tiene disponibles en medios oficiales.<\/p>\n<ul>\n<li>Se relacionan el listado de las CVE para validaci\u00f3n de remediaciones disponibles: <a href=\"https:\/\/www.fortiguard.com\/psirt\/FG-IR-22-058\">https:\/\/www.fortiguard.com\/psirt\/FG-IR-22-058<\/a><\/li>\n<li><a href=\"https:\/\/www.fortiguard.com\/psirt\/FG-IR-21-213\">https:\/\/www.fortiguard.com\/psirt\/FG-IR-21-213<\/a> <a href=\"https:\/\/www.fortiguard.com\/psirt\/FG-IR-21-206\">https:\/\/www.fortiguard.com\/psirt\/FG-IR-21-206<\/a> <a href=\"https:\/\/www.fortiguard.com\/psirt\/FG-IR-22-049\">https:\/\/www.fortiguard.com\/psirt\/FG-IR-22-049<\/a> <a href=\"https:\/\/www.fortiguard.com\/psirt\/FG-IR-21-056\">https:\/\/www.fortiguard.com\/psirt\/FG-IR-21-056<\/a><\/li>\n<\/ul>\n<h5>FUENTES<\/h5>\n<ul>\n<li><a href=\"https:\/\/portal.cci-entel.cl\/Threat_Intelligence\/Boletines\/1296\/\">https:\/\/portal.cci-entel.cl\/Threat_Intelligence\/Boletines\/1296\/<\/a><\/li>\n<li><a href=\"https:\/\/noticiasseguridad.com\/vulnerabilidades\/11-vulnerabilidades-importantes-en-los-productos-de-fortinet-fortios-fortianalyzer-fortiadc-fortimanager-fortiproxy-forticlient-fortideceptor-fortiswitch-fortirecoder-y-fortivoiceenterprise\/\">https:\/\/noticiasseguridad.com\/vulnerabilidades\/11-vulnerabilidades-importantes-en-los-productos-de-fortinet-fortios-fortianalyzer- fortiadc-fortimanager-fortiproxy-forticlient-fortideceptor-fortiswitch-fortirecoder-y-fortivoiceenterprise\/<\/a><\/li>\n<li><a href=\"https:\/\/www.fortiguard.com\/\">https:\/\/www.fortiguard.com<\/a><\/li>\n<\/ul>\n<p>\u00a0<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-65d4d92 elementor-widget elementor-widget-image\" data-id=\"65d4d92\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.20.0 - 13-03-2024 *\/\n.elementor-widget-image{text-align:center}.elementor-widget-image a{display:inline-block}.elementor-widget-image a img[src$=\".svg\"]{width:48px}.elementor-widget-image img{vertical-align:middle;display:inline-block}<\/style>\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/etek.com\/es\/wp-content\/uploads\/2022\/05\/Imagen2.png\" title=\"\" alt=\"\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4974f8d elementor-widget elementor-widget-text-editor\" data-id=\"4974f8d\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><a href=\"mailto:Info@etek.com\">Info@etek.com<\/a><\/p>\n<p><strong>Colombia&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; Per\u00fa&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;<\/strong><span style=\"font-weight: 600; letter-spacing: 0px;\">India<\/span><\/p>\n<p>+57 (1) 2571520&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; +51&nbsp;(1) 6124343&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;<span style=\"letter-spacing: 0px;\">+91-9873451221&nbsp; &nbsp;<\/span><\/p>\n<p><\/p>\n<p><br><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Escrito por;Melanie Malagon&#8211; Cyber Intelligence Expert Fortinet ha publicado nuevos avisos de seguridad que contiene vulnerabilidades que afentan los productos: FortiOS, FortiDeceptor, FortiAnalyzer y FortiManager- Severidad Alta: CVE-2022-26117 &#8211; FortiNAC Permite que un atacante autenticado acceda a las bases de datos MySQL a trav\u00e9s de la CLI esto por una contrase\u00f1a vac\u00eda en la vulnerabilidad [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":6071,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/posts\/7182"}],"collection":[{"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/comments?post=7182"}],"version-history":[{"count":0,"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/posts\/7182\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/etek.com\/es\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/media?parent=7182"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/categories?post=7182"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/tags?post=7182"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}