CVE-2023-44250
8.8HIGHAn improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an aut
Опубликовано: 1/10/2024Обновлено: 11/21/2024
Описание
An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests.
ИИ-АнализНа базе ИИ
Затронутые продукты
fortinetfortiproxy
7.4.0
fortinetfortiproxy
7.4.1
fortinetfortios
7.2.5
fortinetfortios
7.4.0
fortinetfortios
7.4.1
Ссылки
- https://fortiguard.com/psirt/FG-IR-23-315Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-23-315Vendor Advisory