CVE-2023-33303

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Oct 13, 2023
Updated: Nov 7, 2023
CWE ID 613

Summary

CVE-2023-33303 is an insufficient session expiration vulnerability found in Fortinet FortiEDR version 5.0.0 through 5.0.1. It affects products such as tzcV4A, tzcV4B, mRAb7V, and mRAb7W. This vulnerability allows attackers to execute unauthorized code or commands through API requests. The risk score is 25, with a base severity rating of HIGH according to the National Vulnerability Database (NVD). It has a CVSS vector string of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating its impact on confidentiality, integrity, and availability is high. The NVD has not provided any information on remediation or the potential danger it poses to organizations at this time.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-33303 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options