exploitDog

GHSA-mjfm-wh8j-9fgg

Опубликовано: 13 дек. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

** UNSUPPORTED WHEN ASSIGNED **An improper authentication vulnerability [CWE-287] in Fortinet FortiWAN version 5.2.0 through 5.2.1 and version 5.1.1 through 5.1.2 may allow an authenticated attacker to escalate his privileges via HTTP or HTTPs requests with crafted JWT token values.

** UNSUPPORTED WHEN ASSIGNED **An improper authentication vulnerability [CWE-287] in Fortinet FortiWAN version 5.2.0 through 5.2.1 and version 5.1.1 through 5.1.2 may allow an authenticated attacker to escalate his privileges via HTTP or HTTPs requests with crafted JWT token values.

Ссылки

EPSS

Процентиль: 47%

0.00239

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-287

Связанные уязвимости

CVE-2023-44252

CVSS3: 8.8

nvd

около 2 лет назад

** UNSUPPORTED WHEN ASSIGNED **An improper authentication vulnerability [CWE-287] in Fortinet FortiWAN version 5.2.0 through 5.2.1 and version 5.1.1 through 5.1.2 may allow an authenticated attacker to escalate his privileges via HTTP or HTTPs requests with crafted JWT token values.

BDU:2023-08823

CVSS3: 8.8

fstec

около 2 лет назад

Уязвимость системы балансировки трафика FortiWAN, связанная с недостатками процедуры аутентификации, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 47%

0.00239

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-287