CVE-2023-25609 - OpenCVE

A server-side request forgery (SSRF) vulnerability [CWE-918] in FortiManager and FortiAnalyzer GUI 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.8 through 6.4.11 may allow a remote and authenticated attacker to access unauthorized files and services on the system via specially crafted web requests.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fortinet	Fortianalyzer Fortimanager

Configuration 1 [-]

OR	cpe:2.3:a:fortinet:fortianalyzer::::::::
	cpe:2.3:a:fortinet:fortianalyzer::::::::
	cpe:2.3:a:fortinet:fortianalyzer:7.2.0:::::::*
	cpe:2.3:a:fortinet:fortianalyzer:7.2.1:::::::*
	cpe:2.3:a:fortinet:fortimanager::::::::
	cpe:2.3:a:fortinet:fortimanager::::::::
	cpe:2.3:a:fortinet:fortimanager:7.2.0:::::::*
	cpe:2.3:a:fortinet:fortimanager:7.2.1:::::::*

No data.

References

Link	Providers
https://fortiguard.com/psirt/FG-IR-22-493

History

No history.

MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-06-13T08:41:45.316Z

Updated: 2024-08-02T11:25:19.297Z

Reserved: 2023-02-08T13:42:03.367Z

Link: CVE-2023-25609

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-06-13T09:15:16.227

Modified: 2023-11-07T04:09:04.177

Link: CVE-2023-25609

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-25609", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2023-02-08T13:42:03.367Z", "datePublished": "2023-06-13T08:41:45.316Z", "dateUpdated": "2024-08-02T11:25:19.297Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiAnalyzer", "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.1", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.6", "status": "affected"}, {"versionType": "semver", "version": "6.4.8", "lessThanOrEqual": "6.4.11", "status": "affected"}]}, {"vendor": "Fortinet", "product": "FortiManager", "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.1", "status": "affected"}, {"versionType": "semver", "version": "7.0.0", "lessThanOrEqual": "7.0.6", "status": "affected"}, {"versionType": "semver", "version": "6.4.8", "lessThanOrEqual": "6.4.11", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A server-side request forgery (SSRF) vulnerability\u00a0[CWE-918] in\u00a0FortiManager and FortiAnalyzer GUI 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.8 through 6.4.11 may allow a remote and authenticated attacker to access unauthorized files and services on the system via specially crafted web requests."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2023-06-13T08:41:45.316Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-918", "description": "Information disclosure", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:F/RL:X/RC:C"}}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiAnalyzer version 7.2.2 or above Please upgrade to FortiAnalyzer version 7.0.7 or above Please upgrade to FortiAnalyzer version 6.4.12 or above Please upgrade to FortiManager version 7.2.2 or above Please upgrade to FortiManager version 7.0.7 or above Please upgrade to FortiManager version 6.4.12 or above "}], "references": [{"name": "https://fortiguard.com/psirt/FG-IR-22-493", "url": "https://fortiguard.com/psirt/FG-IR-22-493"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T11:25:19.297Z"}, "title": "CVE Program Container", "references": [{"name": "https://fortiguard.com/psirt/FG-IR-22-493", "url": "https://fortiguard.com/psirt/FG-IR-22-493", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*", "matchCriteriaId": "A1422EEA-A01E-4451-ACB4-1EC85FC15E02", "versionEndIncluding": "6.4.11", "versionStartIncluding": "6.4.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*", "matchCriteriaId": "77DD4559-290F-424D-8696-20AE8FF42714", "versionEndIncluding": "7.0.6", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "319D2F9D-E1E5-49C7-8ABD-0A64D7B05D58", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "FDD88F7C-8136-4CFF-AF1E-9AE928878C7F", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", "matchCriteriaId": "431C5172-EFBC-4E26-AAF5-97A1251A368B", "versionEndIncluding": "6.4.11", "versionStartIncluding": "6.4.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*", "matchCriteriaId": "D25913D0-D586-4A59-9723-E26009AD17E5", "versionEndIncluding": "7.0.6", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "407755AA-0C23-4C5B-88A2-8BC12A3D268D", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A0A1111-4054-4C7B-B333-E13A8684207B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A server-side request forgery (SSRF) vulnerability\u00a0[CWE-918] in\u00a0FortiManager and FortiAnalyzer GUI 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.8 through 6.4.11 may allow a remote and authenticated attacker to access unauthorized files and services on the system via specially crafted web requests."}], "id": "CVE-2023-25609", "lastModified": "2023-11-07T04:09:04.177", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "psirt@fortinet.com", "type": "Secondary"}]}, "published": "2023-06-13T09:15:16.227", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/psirt/FG-IR-22-493"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-918"}], "source": "psirt@fortinet.com", "type": "Secondary"}]}