How severe is CVE-2023-46715?

CVE-2023-46715 has a CVSS v3 score of 5 (MEDIUM).

CVE-2023-46715

Name: fortios
Author: fortinet

5.0MEDIUM

An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP address

Publicado: 1/14/2025Actualizado: 1/31/2025

Descripción

An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send (but not receive) packets spoofing the IP of another user via crafted network packets.

Análisis IAImpulsado por IA

Productos Afectados

fortinetfortios

Referencias

https://fortiguard.com/psirt/FG-IR-23-407
Vendor Advisory