{"id":2327,"date":"2023-01-06T14:47:12","date_gmt":"2023-01-06T06:47:12","guid":{"rendered":"https:\/\/blog.billows.com.tw\/?p=2327"},"modified":"2023-02-13T10:21:25","modified_gmt":"2023-02-13T02:21:25","slug":"fortinet-%e5%92%8c-zoho-%e6%95%a6%e4%bf%83%e7%94%a8%e6%88%b6%e5%84%98%e5%bf%ab%e4%bf%ae%e8%a3%9c%e5%ae%83%e5%80%91%e7%94%a2%e5%93%81%e4%b8%ad%e7%9a%84%e6%bc%8f%e6%b4%9e","status":"publish","type":"post","link":"https:\/\/blog.billows.com.tw\/?p=2327","title":{"rendered":"Fortinet and Zoho Urge <a>Users<\/a> to Patch Vulnerabilities in Their Products as Soon as Possible"},"content":{"rendered":"\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"534\" src=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2023\/01\/image-2-1024x534.png\" alt=\"\" class=\"wp-image-2328\" srcset=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2023\/01\/image-2-1024x534.png 1024w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2023\/01\/image-2-300x157.png 300w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2023\/01\/image-2-768x401.png 768w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2023\/01\/image-2.png 1138w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Photo Credit: The Hacker News<\/figcaption><\/figure>\n\n\n\n<p>Fortinet has warned that a severe vulnerability affecting multiple versions exists in its <a href=\"https:\/\/www.fortiguard.com\/psirt\/FG-IR-22-061\">FortiADC<\/a> application delivery controller. Tracked as CVE-2022-39947, the flaw is located in the FortiADC web interface and can lead to arbitrary code execution. Fortinet <a href=\"https:\/\/www.fortiguard.com\/psirt\/FG-IR-22-061\" target=\"_blank\" rel=\"noreferrer noopener\">said<\/a> in its advisory that an improper neutralization of special elements used in an OS command vulnerability in FortiADC may allow an authenticated attacker with access to the web interface to execute unauthorized code or commands through specially crafted HTTP requests. The vulnerability has a CVSS score of 8.6 and is rated high risk.<\/p>\n\n\n\n<p>Fortinet said the vulnerability was discovered by its internal product security team and announced that it affects the following versions:<\/p>\n\n\n\n<p>FortiADC versions 7.0.0 through 7.0.1<\/p>\n\n\n\n<p>FortiADC versions 6.2.0 through 6.2.3<\/p>\n\n\n\n<p>FortiADC versions 5.4.0 through 5.4.5<\/p>\n\n\n\n<p>FortiADC 6.1, all versions<\/p>\n\n\n\n<p>FortiADC 6.0, all versions<\/p>\n\n\n\n<p>The vendor has released updated versions:<\/p>\n\n\n\n<p>Users are advised to upgrade FortiADC versions 6.0, 6.1, and 6.2.0 through 6.2.3 to 6.2.4, or versions 7.0.0 through 7.0.1 to 7.0.2 or later;<\/p>\n\n\n\n<p>In addition, the upcoming FortiADC 5.4.6 or later will address the affected versions 5.4.0 through 5.4.5.<\/p>\n\n\n\n<p>In January, Fortinet also released fixes for multiple command injection vulnerabilities in <a href=\"https:\/\/www.fortiguard.com\/psirt?date=01-2023\">FortiTester<\/a>, collectively tracked as CVE-2022-35845 (CVSS score 7.6). These vulnerabilities may allow an authenticated attacker to execute arbitrary commands in the underlying shell; exploiting them requires authentication. According to Fortinet, the affected FortiTester versions 2.xx, 3.xx, 4.xx, 7.x and 7.1.0 were resolved with the release of FortiTester versions 3.9.2, 4.2.1, 7.1.1 and 7.2.0.<\/p>\n\n\n\n<p>In addition, Zoho issued a <a href=\"https:\/\/www.manageengine.com\/privileged-session-management\/advisory\/cve-2022-47523.html\">security advisory<\/a> this week urging its users to immediately patch a high-risk SQL injection vulnerability affecting three of its ManageEngine products (ManageEngine Password Manager Pro, PAM360 and Access Manager Plus). Tracked as CVE-2022-47523, the vulnerability can give an attacker unauthenticated access to the backend database and let them run custom queries to gain access to entries in the database tables. According to Zoho, the vulnerability has been resolved by adding proper validation and escaping special characters, and users are strongly advised to upgrade immediately to the latest versions of PAM360, Password Manager Pro and Access Manager Plus, namely Password Manager Pro version 12210, PAM360 version 5801 and Access Manager Plus version 4309.<\/p>\n\n\n\n<p>Neither of these two companies mentioned that the vulnerabilities have been exploited.<\/p>\n\n\n\n<p>\u00a0&#8220;When reposting, sharing or quoting this article, please credit the source as \u7ae3\u76df\u79d1\u6280\u00a0<a href=\"https:\/\/www.billows.com.tw\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.billows.com.tw<\/a>\u00a0, to avoid breaking the law&#8221;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Fortinet has warned that a severe vulnerability affecting multiple versions exists in its FortiADC application delivery controller; the vulnerability is tracked as <a class=\"read-more\" href=\"https:\/\/blog.billows.com.tw\/?p=2327\">READ MORE<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[174],"class_list":["post-2327","post","type-post","status-publish","format-standard","hentry","category-6","tag-news"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/2327","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2327"}],"version-history":[{"count":2,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/2327\/revisions"}],"predecessor-version":[{"id":2374,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/2327\/revisions\/2374"}],"wp:attachment":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2327"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2327"},{"taxonomy":"post_tag","embeddable":true
,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2327"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}