An Authorization Bypass Through User-Controlled Key vulnerability [CWE-639] affecting PortiPortal version 7.2.1 and below, version 7.0.6 and below, version 6.0.14 and below, version 5.3.8 and below may allow a remote authenticated user with at least read-only permissions to access to other organization endpoints via crafted GET requests.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2024-01-10T17:51:38.440Z

Updated: 2024-08-02T21:37:54.975Z

Reserved: 2023-11-19T19:58:38.554Z

Link: CVE-2023-48783

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2024-01-10T18:15:46.807

Modified: 2024-11-21T08:32:26.210

Link: CVE-2023-48783

cve-icon Redhat

No data.