A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.
References
History

Wed, 23 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2023-06-13'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-06-13T08:41:47.415Z

Updated: 2024-10-23T13:18:14.745Z

Reserved: 2023-03-09T10:09:33.119Z

Link: CVE-2023-27997

cve-icon Vulnrichment

Updated: 2024-08-02T12:23:30.864Z

cve-icon NVD

Status : Modified

Published: 2023-06-13T09:15:16.613

Modified: 2024-11-21T07:53:53.957

Link: CVE-2023-27997

cve-icon Redhat

No data.