How severe is CVE-2023-46715?

CVE-2023-46715 has a CVSS v3 score of 5 (MEDIUM).

CVE-2023-46715

Name: fortios
Author: fortinet

5.0MEDIUM

An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP address

Publicado: 1/14/2025Atualizado: 1/31/2025

Descrição

An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send (but not receive) packets spoofing the IP of another user via crafted network packets.

Análise IADesenvolvido por IA

Produtos Afetados

fortinetfortios

Referências

https://fortiguard.com/psirt/FG-IR-23-407
Vendor Advisory