CVE-2023-34985

CVSS Score of 10 (low)

Details

Published Oct 10, 2023
Updated: Nov 7, 2023
CWE ID 78

Summary

CVE-2023-34985 is a vulnerability in Fortinet FortiWLM versions 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4, allowing an attacker to execute unauthorized code or commands through specially crafted HTTP get request parameters, known as an OS command injection. This vulnerability has a CVSS score of 8.8, indicating a high severity level. The affected products include kZ4fOI, kZ4fOJ, kZ4fOK, l5knAB, l5knAA, kZ4fOG, and kZ4fOH. To remediate this vulnerability, users should apply the latest security updates and patches provided by Fortinet to address the issue and prevent potential exploitation. Organizations should be aware of the potential danger this vulnerability poses as it can lead to the unauthorized execution of code or commands on affected systems, compromising their integrity and confidentiality.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-34985 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options