VYPR
Unrated severityNVD Advisory· Published Nov 14, 2023· Updated Aug 30, 2024

CVE-2023-25603

CVE-2023-25603

Description

A permissive cross-domain policy with untrusted domains vulnerability in Fortinet FortiADC 7.1.0 - 7.1.1, FortiDDoS-F 6.3.0 - 6.3.4 and 6.4.0 - 6.4.1 allow an unauthorized attacker to carry out privileged actions and retrieve sensitive information via crafted web requests.

Affected products

4
  • Fortinet/Fortiddos Fllm-fuzzy2 versions
    6.3.0 - 6.3.4, 6.4.0 - 6.4.1+ 1 more
    • (no CPE)range: 6.3.0 - 6.3.4, 6.4.0 - 6.4.1
    • (no CPE)range: 6.4.0
  • Fortinet/Fortiadc 200dllm-fuzzy2 versions
    7.1.0 - 7.1.1+ 1 more
    • (no CPE)range: 7.1.0 - 7.1.1
    • (no CPE)range: 7.1.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.