CVE-2023-44254 - CERT CVE

  1. CVE-2023-44254

ID CVE-2023-44254
Sažetak An authorization bypass through user-controlled key [CWE-639] vulnerability in FortiAnalyzer version 7.4.1 and before 7.2.5 and FortiManager version 7.4.1 and before 7.2.5 may allow a remote attacker with low privileges to read sensitive data via a crafted HTTP request.
Reference
CVSS
Base: 5.0
Impact: 1.4
Exploitability:3.1
Pristup
VektorSloženostAutentikacija
NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
LOW NONE NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Zadnje važnije ažuriranje 10-09-2024 - 15:50
Objavljeno 10-09-2024 - 15:15