A improper access control in Fortinet FortiManager version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.10, version 6.4.0 through 6.4.13, 6.2 all versions allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.
Advisories
Source ID Title
EUVD EUVD EUVD-2023-40501 A improper access control in Fortinet FortiManager version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.10, version 6.4.0 through 6.4.13, 6.2 all versions allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.
Fixes

Solution

Please upgrade to FortiManager version 7.4.1 or above Please upgrade to FortiManager version 7.2.4 or above Please upgrade to FortiManager version 7.0.11 or above Please upgrade to FortiManager version 6.4.14 or above


Workaround

No workaround given by the vendor.

References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published:

Updated: 2024-08-02T16:52:52.352Z

Reserved: 2023-06-23T14:57:30.033Z

Link: CVE-2023-36554

cve-icon Vulnrichment

Updated: 2024-08-02T16:52:52.352Z

cve-icon NVD

Status : Modified

Published: 2024-03-12T15:15:45.693

Modified: 2024-11-21T08:09:55.333

Link: CVE-2023-36554

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.