VYPR
Unrated severityNVD Advisory· Published Jan 14, 2025· Updated Jan 14, 2025

CVE-2023-46715

CVE-2023-46715

Description

An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send (but not receive) packets spoofing the IP of another user via crafted network packets.

Affected products

3
  • Fortinet/Fortiosv52 versions
    cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*range: 7.4.0
    • (no CPE)range: >=7.4.0 <=7.4.1, <=7.2.6
  • Range: 7.4.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.