VYPR
Unrated severityNVD Advisory· Published Jan 10, 2024· Updated Nov 14, 2024

CVE-2023-44250

CVE-2023-44250

Description

An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests.

Affected products

4
  • Fortinet/Fortiproxyllm-fuzzy2 versions
    7.4.0-7.4.1+ 1 more
    • (no CPE)range: 7.4.0-7.4.1
    • (no CPE)range: 7.4.0
  • Fortinet/Fortiosllm-fuzzy2 versions
    7.4.0-7.4.1, 7.2.5+ 1 more
    • (no CPE)range: 7.4.0-7.4.1, 7.2.5
    • (no CPE)range: 7.4.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.