CVE-2023-46712

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jan 10, 2024
Updated: Jan 17, 2024
CWE ID 284

Summary

CVE-2023-46712 is a newly disclosed vulnerability affecting Fortinet FortiPortal versions 7.0.0 through 7.0.6 and 7.2.0 through 7.2.1. An attacker can exploit this improper access control issue by sending specifically crafted HTTP requests to escalate their privileges, potentially gaining unauthorized access to sensitive information or system functionality. This vulnerability poses a significant risk to organizations using the affected FortiPortal versions and requires immediate attention and patching to mitigate the threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share