An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-23-315 |
History
Thu, 14 Nov 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2024-01-10T17:51:37.440Z
Updated: 2024-11-14T17:25:04.152Z
Reserved: 2023-09-27T12:26:48.750Z
Link: CVE-2023-44250
Vulnrichment
Updated: 2024-08-02T19:59:51.922Z
NVD
Status : Modified
Published: 2024-01-10T18:15:46.030
Modified: 2024-11-21T08:25:31.227
Link: CVE-2023-44250
Redhat
No data.