CVE-2023-41673
7.1HIGHAn improper authorization vulnerability [CWE-285] in Fortinet FortiADC version 7.4.0 and before 7.2.2 may allow a low privileged user to read or backup the full system configuration via HTTP or HTTPS
Published: 12/13/2023Updated: 11/21/2024
Description
An improper authorization vulnerability [CWE-285] in Fortinet FortiADC version 7.4.0 and before 7.2.2 may allow a low privileged user to read or backup the full system configuration via HTTP or HTTPS requests.
AI AnalysisPowered by AI
Affected Products
fortinetfortiadc
fortinetfortiadc
fortinetfortiadc
fortinetfortiadc
fortinetfortiadc
7.1.0
fortinetfortiadc
7.1.1
fortinetfortiadc
7.1.2
fortinetfortiadc
7.2.0
fortinetfortiadc
7.4.0
References
- https://fortiguard.com/psirt/FG-IR-23-270Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-23-270Vendor Advisory