Lucene search
FortinetCVE-2023-33301HistoryOct 10, 2023 - 5:15 p.m.
CVE-2023-33301
2023-10-1017:15:11
CWE-284
fortinet
web.nvd.nist.gov
42
fortinet
fortios
vulnerability
access control
nvd
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U
AI Score
4.5
Confidence
High
EPSS
0.001
Percentile
18.6%
An improper access control vulnerability in Fortinet FortiOS 7.2.0 - 7.2.4 and 7.4.0 allows an attacker to access a restricted resource from a non trusted host.
Affected configurations
Node
fortinetfortiosRange7.2.0–7.2.4
ORfortinetfortiosMatch7.4.0
CNA Affected
[
{
"vendor": "Fortinet",
"product": "FortiOS",
"defaultStatus": "unaffected",
"versions": [
{
"version": "7.4.0",
"status": "affected"
},
{
"versionType": "semver",
"version": "7.2.0",
"lessThanOrEqual": "7.2.4",
"status": "affected"
}
]
}
]References
Related
vulnrichment
vulnrichment
CVE-2023-33301
2023-10-10 16:48:27
nvd
nvd
CVE-2023-33301
2023-10-10 17:15:11
nessus
nessus
Fortinet Fortigate - REST API trusted host bypass (FG-IR-23-139)
2023-10-10 00:00:00
cnvd
cnvd
Fortinet FortiOS Access Control Error Vulnerability (CNVD-2023-98189)
2023-10-13 00:00:00
cvelist
cvelist
CVE-2023-33301
2023-10-10 16:48:27
fortinet
fortinet
Protect
2023-10-10 00:00:00
prion
prion
Improper access control
2023-10-10 17:15:00
ics
ics
Siemens RUGGEDCOM APE1808 with Fortigate NGFW Devices
2024-03-14 12:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U
AI Score
4.5
Confidence
High
EPSS
0.001
Percentile
18.6%
Related for CVE-2023-33301