Lucene search
FortinetCVELIST:CVE-2023-26207HistoryJun 13, 2023 - 8:41 a.m.
CVE-2023-26207
2023-06-1308:41:45
CWE-532
fortinet
www.cve.org
5
fortinet
fortios
fortiproxy
log file
vulnerability
plain text
passwords
attacker
cve-2023-26207
CVSS3
3.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/RC:C
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
25.8%
An insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.2.0 through 7.2.4 and FortiProxy 7.0.0 through 7.0.10. 7.2.0 through 7.2.1 allows an attacker to read certain passwords in plain text.
CNA Affected
[
{
"vendor": "Fortinet",
"product": "FortiProxy",
"defaultStatus": "unaffected",
"versions": [
{
"versionType": "semver",
"version": "7.2.0",
"lessThanOrEqual": "7.2.1",
"status": "affected"
},
{
"versionType": "semver",
"version": "7.0.0",
"lessThanOrEqual": "7.0.10",
"status": "affected"
}
]
},
{
"vendor": "Fortinet",
"product": "FortiOS",
"defaultStatus": "unaffected",
"versions": [
{
"versionType": "semver",
"version": "7.2.0",
"lessThanOrEqual": "7.2.5",
"status": "affected"
}
]
}
]References
Related
nvd
nvd
CVE-2023-26207
2023-06-13 09:15:16
nessus
nessus
cve
cve
CVE-2023-26207
2023-06-13 09:15:16
prion
prion
Design/Logic Flaw
2023-06-13 09:15:00
fortinet
fortinet
Protect
2023-06-12 00:00:00
ics
ics
Siemens RUGGEDCOM APE1808 with Fortigate NGFW Devices
2024-03-14 12:00:00
CVSS3
3.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/RC:C
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
25.8%
Related for CVELIST:CVE-2023-26207