CVE-2023-44250
8.8HIGHAn improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an aut
Veröffentlicht: 1/10/2024Aktualisiert: 11/21/2024
Beschreibung
An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests.
KI-AnalyseKI-gestützt
Betroffene Produkte
fortinetfortiproxy
7.4.0
fortinetfortiproxy
7.4.1
fortinetfortios
7.2.5
fortinetfortios
7.4.0
fortinetfortios
7.4.1
Referenzen
- https://fortiguard.com/psirt/FG-IR-23-315Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-23-315Vendor Advisory