CVE-2023-26207

🗓️ 13 Jun 2023 08:41:45Reported by fortinetType

An insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.2.0 through 7.2.4 and FortiProxy 7.0.0 through 7.0.10

Reporter	Title	Published	Views	Family All 12
CNNVD	Fortinet FortiOS 日志信息泄露漏洞	13 Jun 202300:00	–	cnnvd
Cvelist	CVE-2023-26207	13 Jun 202308:41	–	cvelist
EUVD	EUVD-2023-30032	3 Oct 202520:07	–	euvd
Fortinet	Protect	12 Jun 202300:00	–	fortinet
Tenable Nessus	Fortinet Fortigate - SMTP password ciphertext exposure in Log (FG-IR-22-455)	12 Jun 202300:00	–	nessus
Tenable Nessus	Fortinet FortiProxy - SMTP password ciphertext exposure in Log (FG-IR-22-455)	29 Sep 202300:00	–	nessus
NCSC	Vulnerabilities fixed in Siemens products	12 Mar 202400:00	–	ncsc
NVD	CVE-2023-26207	13 Jun 202309:15	–	nvd
Prion	Design/Logic Flaw	13 Jun 202309:15	–	prion
Positive Technologies	PT-2023-3238 · Fortinet · Fortiproxy +1	12 Jun 202300:00	–	ptsecurity

NVD

Node

fortinet fortiproxyRange7.0.0–7.0.10

fortinet fortiproxyMatch7.2.0

fortinet fortiproxyMatch7.2.1

fortinet fortiosRange7.2.0–7.2.4

[
  {
    "vendor": "Fortinet",
    "product": "FortiProxy",
    "defaultStatus": "unaffected",
    "versions": [
      {
        "versionType": "semver",
        "version": "7.2.0",
        "lessThanOrEqual": "7.2.1",
        "status": "affected"
      },
      {
        "versionType": "semver",
        "version": "7.0.0",
        "lessThanOrEqual": "7.0.10",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fortinet",
    "product": "FortiOS",
    "defaultStatus": "unaffected",
    "versions": [
      {
        "versionType": "semver",
        "version": "7.2.0",
        "lessThanOrEqual": "7.2.5",
        "status": "affected"
      }
    ]
  }
]

Source	Link
fortiguard	www.fortiguard.com/psirt/FG-IR-22-455

21 Nov 2024 07:50Current

6.1Medium risk

Vulners AI Score6.1

CVSS 3.13.3 - 6.5

EPSS0.0025

SSVC

CWE-532