CVE-2023-41682

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Oct 13, 2023
Updated: Nov 7, 2023
CWE ID 22

Summary

CVE-2023-41682 is a vulnerability categorized as "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)" with a base severity rating of HIGH and a base score of 8.1. It affects multiple versions of Fortinet FortiSandbox, including 4.4.0, 4.2.0 through 4.2.5, 4.0.0 through 4.0.3, 3.2.0 through 3.2.4, and others. The vulnerability allows an attacker to perform path traversal attacks and cause denial of service by exploiting crafted HTTP requests. The exploitability score is rated at 2.8 out of 10, indicating a moderate level of difficulty for exploitation. The impact score is calculated to be 5.2 out of 10, with high integrity impact and no confidentiality impact involved in the attack vector primarily targeting network services on affected systems. To remediate this vulnerability, it is recommended to update the Fortinet FortiSandbox software to a patched version provided by the vendor as soon as possible to mitigate the risk associated with this vulnerability. This vulnerability poses a significant danger to organizations using affected versions of Fortinet FortiSandbox, as it can allow an attacker to disrupt services and potentially compromise the integrity of the system or network infrastructure where it is deployed.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-41682 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options