A relative path traversal in Fortinet FortiManager version 7.4.0 and 7.2.0 through 7.2.3 and 7.0.0 through 7.0.8 and 6.4.0 through 6.4.12 and 6.2.0 through 6.2.11 allows attacker to execute unauthorized code or commands via crafted HTTP requests.
References
| Link | Resource |
|---|---|
| https://fortiguard.com/psirt/FG-IR-23-189 | Vendor Advisory |
| https://fortiguard.com/psirt/FG-IR-23-189 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
16 Dec 2024, 22:23
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Fortinet
Fortinet fortimanager |
|
| CPE | cpe:2.3:a:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:* |
|
| References | () https://fortiguard.com/psirt/FG-IR-23-189 - Vendor Advisory | |
| CWE | CWE-22 |
21 Nov 2024, 08:23
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://fortiguard.com/psirt/FG-IR-23-189 - | |
| Summary |
|
20 Feb 2024, 14:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-02-20 14:15
Updated : 2024-12-16 22:23
NVD link : CVE-2023-42791
Mitre link : CVE-2023-42791
CVE.ORG link : CVE-2023-42791
JSON object : View
Products Affected
fortinet
- fortimanager