Relative Path Traversal Vulnerability in Fortinet FortiWeb
CVE-2023-23784

5.6MEDIUM

Key Information:

Vendor

Fortinet
Status
Fortiweb
Vendor
CVE Published:
16 February 2023

What is CVE-2023-23784?

A relative path traversal vulnerability has been identified in Fortinet FortiWeb, impacting versions from 7.0.0 to 7.0.2 and 6.3.6 to 6.3.20, alongside all versions of 6.4. This vulnerability allows attackers to conduct information disclosure through intentionally crafted web requests, which may lead to unauthorized access to sensitive information hosted on the affected system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

FortiWeb 7.0.0 <= 7.0.2

FortiWeb 6.4.0 <= 6.4.2

FortiWeb 6.3.6 <= 6.3.20

References

https://fortiguard.com/psirt/FG-IR-22-251

CVSS V3.1

Score:
5.6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.