Unrated severityNVD Advisory· Published Nov 14, 2023· Updated Aug 30, 2024

CVE-2023-25603

Description

A permissive cross-domain policy with untrusted domains vulnerability in Fortinet FortiADC 7.1.0 - 7.1.1, FortiDDoS-F 6.3.0 - 6.3.4 and 6.4.0 - 6.4.1 allow an unauthorized attacker to carry out privileged actions and retrieve sensitive information via crafted web requests.

Affected products

Fortinet/Fortiddos Fv5
Range: 6.4.0
Fortinet/FortiADCv5
Range: 7.1.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

fortiguard.com/psirt/FG-IR-22-518mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000