How severe is CVE-2023-25603?

CVE-2023-25603 has a CVSS v3 score of 5.4 (MEDIUM).

CVE-2023-25603

Name: fortiddos-f
Author: fortinet

5.4MEDIUM

A permissive cross-domain policy with untrusted domains vulnerability in Fortinet FortiADC 7.1.0 - 7.1.1, FortiDDoS-F 6.3.0 - 6.3.4 and 6.4.0 - 6.4.1 allow an unauthorized attacker to carry out privil

Published: 11/14/2023Updated: 11/21/2024

Description

A permissive cross-domain policy with untrusted domains vulnerability in Fortinet FortiADC 7.1.0 - 7.1.1, FortiDDoS-F 6.3.0 - 6.3.4 and 6.4.0 - 6.4.1 allow an unauthorized attacker to carry out privileged actions and retrieve sensitive information via crafted web requests.

AI AnalysisPowered by AI

Affected Products

fortinetfortiadc

7.1.0

fortinetfortiadc

7.1.1

fortinetfortiddos-f

6.4.0

fortinetfortiddos-f

6.4.1

References

https://fortiguard.com/psirt/FG-IR-22-518
Vendor Advisory
https://fortiguard.com/psirt/FG-IR-22-518
Vendor Advisory