CVE-2023-46712
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Jan 10, 2024
Updated: Jan 17, 2024
CWE ID 284
Summary
CVE-2023-46712 is a newly disclosed vulnerability affecting Fortinet FortiPortal versions 7.0.0 through 7.0.6 and 7.2.0 through 7.2.1. An attacker can exploit this improper access control issue by sending specifically crafted HTTP requests to escalate their privileges, potentially gaining unauthorized access to sensitive information or system functionality. This vulnerability poses a significant risk to organizations using the affected FortiPortal versions and requires immediate attention and patching to mitigate the threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- FortiPortal
Affected Vendors
- Fortinet