CVE-2023-44254 | Fortinet FortiAnalyzer/FortiManager up to 6.2.12/6.4.14/7.0.12/7.2.4/7.4.0 HTTP Request authorization (FG-IR-23-204)

Posted by Angelo Barbosa | Sep 10, 2024 | CVE

A vulnerability, which was classified as problematic, was found in Fortinet FortiAnalyzer and FortiManager up to 6.2.12/6.4.14/7.0.12/7.2.4/7.4.0. Affected is an unknown function of the component HTTP Request Handler. The manipulation leads to authorization bypass.

This vulnerability is traded as CVE-2023-44254. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-44254 | Fortinet FortiAnalyzer/FortiManager up to 6.2.12/6.4.14/7.0.12/7.2.4/7.4.0 HTTP Request authorization (FG-IR-23-204)

Related Posts

CVE-2024-38441 | Netatalk 3.2.0 etc/afp/directory.c afp_mapname heap-based overflow

CVE-2024-26352 | flusity CMS 2.33 add_places.php cross-site request forgery

CVE-2024-42350 | biscuit-auth biscuit 3 exposure of resource

CVE-2024-43249 | Bit Apps Bit Form Pro Plugin up to 2.6.4 on WordPress unrestricted upload