CVE-2023-50181

An improper access control vulnerability [CWE-284] in Fortinet FortiADC version 7.4.0 through 7.4.1 and before 7.2.4 allows a read only authenticated attacker to perform some write actions via crafted HTTP or HTTPS requests.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*

History

09 Sep 2024, 15:59

Type Values Removed Values Added
CPE cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*
Summary
  • (es) Una vulnerabilidad de control de acceso inadecuado [CWE-284] en Fortinet FortiADC versión 7.4.0 a 7.4.1 y anteriores a 7.2.4 permite que un atacante autenticado de solo lectura realice algunas acciones de escritura a través de solicitudes HTTP o HTTPS manipuladas.
CWE NVD-CWE-noinfo
First Time Fortinet
Fortinet fortiadc
References () https://fortiguard.fortinet.com/psirt/FG-IR-23-469 - () https://fortiguard.fortinet.com/psirt/FG-IR-23-469 - Vendor Advisory
CVSS v2 : unknown
v3 : 4.9
v2 : unknown
v3 : 6.5

09 Jul 2024, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-09 16:15

Updated : 2024-09-09 15:59


NVD link : CVE-2023-50181

Mitre link : CVE-2023-50181

CVE.ORG link : CVE-2023-50181


JSON object : View

Products Affected

fortinet

  • fortiadc
CWE
NVD-CWE-noinfo CWE-284

Improper Access Control