An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0 - 7.2.4 and 7.4.0 - 7.4.2 allows an attacker to create users with elevated privileges via a crafted HTTP request.
References
Link | Resource |
---|---|
https://fortiguard.com/psirt/FG-IR-23-459 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
09 Sep 2024, 16:05
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CWE | NVD-CWE-noinfo | |
References | () https://fortiguard.com/psirt/FG-IR-23-459 - Vendor Advisory | |
CPE | cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortiextender_firmware:5.3.2:*:*:*:*:*:*:* cpe:2.3:h:fortinet:fortiextender:-:*:*:*:*:*:*:* |
|
First Time |
Fortinet
Fortinet fortiextender Firmware Fortinet fortiextender |
09 Jul 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-09 16:15
Updated : 2024-09-09 16:05
NVD link : CVE-2024-23663
Mitre link : CVE-2024-23663
CVE.ORG link : CVE-2024-23663
JSON object : View
Products Affected
fortinet
- fortiextender_firmware
- fortiextender
CWE