CVE-2023-44250
8.8HIGHAn improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an aut
Publicado: 1/10/2024Actualizado: 11/21/2024
Descripción
An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests.
Análisis IAImpulsado por IA
Productos Afectados
fortinetfortiproxy
7.4.0
fortinetfortiproxy
7.4.1
fortinetfortios
7.2.5
fortinetfortios
7.4.0
fortinetfortios
7.4.1
Referencias
- https://fortiguard.com/psirt/FG-IR-23-315Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-23-315Vendor Advisory