Lucene search

China National Vulnerability DatabaseCNVD-2023-98189

HistoryOct 13, 2023 - 12:00 a.m.

Fortinet FortiOS Access Control Error Vulnerability (CNVD-2023-98189)

2023-10-1300:00:00

China National Vulnerability Database

www.cnvd.org.cn

fortinet fortios

access control

vulnerability

improper access control

attacker

restricted resources

untrusted host

security features

firewall

antivirus

ipsec/sslvpn

web content filtering

anti-spam

network security platform

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.2%

JSON

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita (Fortinet). The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. An Access Control Error vulnerability exists in Fortinet FortiOS that stems from the presence of improper access control. An attacker could exploit the vulnerability to access restricted resources from an untrusted host.

CPENameOperatorVersion
fortinet fortios >=7.2.0，le7.2.4
fortinet fortioseq7.4.0

CPE	Name	Operator	Version
	fortinet fortios >=7.2.0，	le	7.2.4
	fortinet fortios	eq	7.4.0