Overview
- Description
- A session fixation in Fortinet FortiOS version 7.4.0 through 7.4.3 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.13 allows attacker to execute unauthorized code or commands via phishing SAML authentication link.
- Source
- psirt@fortinet.com
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 5.9
- Exploitability score
- 1.6
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Weaknesses
- psirt@fortinet.com
- CWE-384
Social media
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
برای برخی محصولات Fortinet شامل : FortiOS و FortiAnalyzer و FortiClient چندین آسیب پذیری Critical با کدهای شناسایی CVE-2024-23666 و CVE-2024-36513 و CVE-2023-50176 منتشر شده است. این آسیب پذیری ها از نوع Hijack session و privilege escalation می باشند. https://t.co/Poz3aKYxT1 http
@AmirHossein_sec
15 Nov 2024
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
フォーティネット社がFortiOSにおける深刻な脆弱性を修正。CVE-2023-50176は未認証の攻撃者がフィッシングのSAMLリンクによりユーザーセッションを乗っ取れるもの。FortiAnalyzerとFortiManagerに影響。 https://t.co/8quV6nPMsu
@__kokumoto
13 Nov 2024
1043 Impressions
5 Retweets
10 Likes
1 Bookmark
0 Replies
1 Quote
CVE-2023-50176 A session fixation in Fortinet FortiOS version 7.4.0 through 7.4.3 and 7... https://t.co/VP8szwiKcc Vulnerability Notification: https://t.co/xhLrNng6hm
@VulmonFeeds
13 Nov 2024
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes