Unrated severityNVD Advisory· Published Dec 13, 2023· Updated May 22, 2025
CVE-2023-47536
CVE-2023-47536
Description
An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny geolocalisation policy via timing the bypass with a GeoIP database update.
Affected products
4<= 7.2.3 or <= 7.0.9 or <= 2.0.12+ 1 more
- (no CPE)range: <= 7.2.3 or <= 7.0.9 or <= 2.0.12
- (no CPE)range: 7.2.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.