4 matches found
Fortinet FortiProxy Privilage Escalation (FG-IR-23-315)
The version of FortiProxy installed on the remote host is prior to tested version. It is, therefore, affected by an improper privilege management vulnerability CWE-269 in a FortiOS & FortiProxy HA cluster may allow an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS...
CVE-2023-44250
creationtimestamp| type| source ---|---|--- 2024-01-10 19:26:12+00:00| seen| https://t.me/ctinow/166074 2024-01-26 14:11:08+00:00| seen| https://t.me/ctinow/174236...
CVE-2023-44250
CVE-2023-44250 describes an improper privilege management (CWE-269) in Fortinet FortiOS HA clusters (versions 7.4.0–7.4.1 and 7.2.5) and FortiProxy HA clusters (7.4.0–7.4.1). An authenticated attacker can perform elevated actions via crafted HTTP(S) requests. The CVSS v3.1 base score is 8.8 (Netw...
Fortinet Fortigate Improper authorization for HA requests (FG-IR-23-315)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-315 advisory. - An improper privilege management vulnerability CWE-269 in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2...