Lucene search
K

4 matches found

NCSC
NCSC
added 2023/07/13 12:0 a.m.17 views

Vulnerabilities fixed in FortiNet FortiOS and FortiProxy

FortiNet has fixed vulnerabilities in FortiOS and FortiProxy. A malicious party could exploit the vulnerabilities to execute arbitrary execute arbitrary code on the vulnerable system, or under specific circumstances to take over a user's session. The vulnerability with attribute CVE-2023-33308...

9.8CVSS7.8AI score0.02121EPSS
Exploits0
Circl
Circl
added 2023/07/11 8:29 p.m.9 views

CVE-2023-28001

creationtimestamp| type| source ---|---|--- 2023-07-11 20:29:58+00:00| seen| https://t.me/cibsecurity/66417 2023-07-12 20:01:05+00:00| seen| https://t.me/truesecator/4609...

9.8CVSS8.7AI score0.00506EPSS
Exploits0References2
CVE
CVE
added 2023/07/11 4:52 p.m.2552 views

CVE-2023-28001

CVE-2023-28001 affects Fortinet FortiOS FortiOS REST API. The issue is an insufficient session expiration that could allow an attacker to reuse the session of a deleted user to execute unauthorized code/commands. Connected sources confirm the vulnerability and note Fortinet/FortiGuard PSIRT advis...

9.8CVSS9.5AI score0.00506EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/07/11 12:0 a.m.168 views

Fortinet Fortigate Existing websocket connection persists after deleting API admin (FG-IR-23-028)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-028 advisory. - An insufficient session expiration in Fortinet FortiOS 7.0.0 - 7.0.12 and 7.2.0 - 7.2.4 allows an attacker to execute...

9.8CVSS8.6AI score0.00506EPSS
Exploits0References2
Rows per page
Query Builder