Description
An improper authorization vulnerability [CWE-285] in Fortinet FortiADC version 7.4.0 and before 7.2.2 may allow a low privileged user to read or backup the full system configuration via HTTP or HTTPS requests.
Published: 2023-12-13
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

Vendor Solution

Please upgrade to FortiADC version 7.4.1 or above Please upgrade to FortiADC version 7.2.3 or above

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2023-46165 An improper authorization vulnerability [CWE-285] in Fortinet FortiADC version 7.4.0 and before 7.2.2 may allow a low privileged user to read or backup the full system configuration via HTTP or HTTPS requests.
References
Link Providers
https://fortiguard.com/psirt/FG-IR-23-270 cve-icon cve-icon
History

No history.

Subscriptions

Fortinet Fortiadc
cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published:

Updated: 2024-08-02T19:01:35.408Z

Reserved: 2023-08-30T13:42:39.546Z

Link: CVE-2023-41673

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-12-13T07:15:15.860

Modified: 2024-11-21T08:21:27.757

Link: CVE-2023-41673

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses