Unauthorized Code Execution via SQL Injection in FortiSOAR
CVE-2023-23775
8.8HIGH
What is CVE-2023-23775?
The identified vulnerabilities in FortiSOAR products arise from multiple instances of improper handling of special elements in SQL commands, which are classified under SQL injection threats. These vulnerabilities enable an authenticated attacker to execute unauthorized commands by sending specially crafted string parameters. This may lead to severe implications for data integrity and system security, necessitating swift remedial actions.
Affected Version(s)
FortiSOAR 7.2.0
FortiSOAR 7.0.0 <= 7.0.3