CVE-2024-23112 | ByteOS Network

Vulnerability Details :

CVE-2024-23112

Assigner-fortinet

Assigner Org ID-6abe59d8-c742-4dff-8ce8-9b0ca1073da8

Published At-12 Mar, 2024 | 15:09

Updated At-01 Aug, 2024 | 22:51

An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.1 through 7.0.13, 6.4.7 through 6.4.14, and FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 SSL-VPN may allow an authenticated attacker to gain access to another user’s bookmark via URL manipulation.

EPSS History

Score

Latest Score

-

N/A

Percentile

Latest Percentile

-

N/A

▼Common Vulnerabilities and Exposures (CVE)

Assigner:fortinet

Assigner Org ID:6abe59d8-c742-4dff-8ce8-9b0ca1073da8

Published At:12 Mar, 2024 | 15:09

Updated At:01 Aug, 2024 | 22:51

▼CVE Numbering Authority (CNA)

An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.1 through 7.0.13, 6.4.7 through 6.4.14, and FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 SSL-VPN may allow an authenticated attacker to gain access to another user’s bookmark via URL manipulation.

Affected Products

Vendor

Product

Default Status

unaffected

Versions

Affected

From 7.4.0 through 7.4.1 (semver)
From 7.2.0 through 7.2.6 (semver)
From 7.0.1 through 7.0.13 (semver)
From 6.4.7 through 6.4.14 (semver)

Vendor

Product

Default Status

unaffected

Versions

Affected

From 7.4.0 through 7.4.2 (semver)
From 7.2.0 through 7.2.8 (semver)
From 7.0.0 through 7.0.14 (semver)

Problem Types

Type	CWE ID	Description
CWE	CWE-639	Improper access control

Type: CWE

CWE ID: CWE-639

Description: Improper access control

Metrics

Version	Base score	Base severity	Vector
3.1	7.2	HIGH	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C

Version: 3.1

Base score: 7.2

Base severity: HIGH

Vector:

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C

Solutions

Please upgrade to FortiOS version 7.4.2 or above Please upgrade to FortiOS version 7.2.7 or above Please upgrade to FortiOS version 7.0.14 or above Please upgrade to FortiOS version 6.4.15 or above Please upgrade to FortiProxy version 7.4.3 or above Please upgrade to FortiProxy version 7.2.9 or above Please upgrade to FortiProxy version 7.0.15 or above

References

Hyperlink	Resource
https://fortiguard.com/psirt/FG-IR-24-013	N/A

Hyperlink: https://fortiguard.com/psirt/FG-IR-24-013

Resource: N/A

▼Authorized Data Publishers (ADP)

1. CISA ADP Vulnrichment

Affected Products

Vendor

Product

CPEs

cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*

Default Status

unaffected

Versions

Affected

From 7.4.0 through 7.4.1 (semver)

Vendor

Product

CPEs

cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*

Default Status

unaffected

Versions

Affected

From 7.2.0 through 7.2.6 (semver)

Vendor

Product

CPEs

cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*

Default Status

unaffected

Versions

Affected

From 7.0.1 through 7.0.13 (semver)

Vendor

Product

CPEs

cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*

Default Status

unaffected

Versions

Affected

From 6.4.7 through 6.4.14 (semver)

Vendor

Product

CPEs

cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*

Default Status

unaffected

Versions

Affected

From 7.4.0 through 7.4.2 (semver)

Vendor

Product

CPEs

cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*

Default Status

unaffected

Versions

Affected

From 7.2.0 through 7.2.8 (semver)

Vendor

Product

CPEs

cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*

Default Status

unaffected

Versions

Affected

From 7.0.0 through 7.0.14 (semver)

Metrics Other Info

2. CVE Program Container

References

Hyperlink	Resource
https://fortiguard.com/psirt/FG-IR-24-013	x_transferred

Hyperlink: https://fortiguard.com/psirt/FG-IR-24-013

Resource:

x_transferred

▼National Vulnerability Database (NVD)

Source:psirt@fortinet.com

Published At:12 Mar, 2024 | 15:15

Updated At:15 Mar, 2024 | 14:51

An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.1 through 7.0.13, 6.4.7 through 6.4.14, and FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 SSL-VPN may allow an authenticated attacker to gain access to another user’s bookmark via URL manipulation.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	4.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Secondary	3.1	8.0	HIGH	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Type: Primary

Version: 3.1

Base score: 4.3

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Type: Secondary

Version: 3.1

Base score: 8.0

Base severity: HIGH

Vector:

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

CPE Matches

>>fortiproxy>>Versions from 7.0.0(inclusive) to 7.0.14(inclusive)

cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*

>>fortiproxy>>Versions from 7.2.0(inclusive) to 7.2.8(inclusive)

cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*

>>fortiproxy>>Versions from 7.4.0(inclusive) to 7.4.2(inclusive)

cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*

>>fortios>>Versions from 6.4.7(inclusive) to 6.4.14(inclusive)

cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*

>>fortios>>Versions from 7.0.1(inclusive) to 7.0.13(inclusive)

cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*

>>fortios>>Versions from 7.2.0(inclusive) to 7.2.6(inclusive)

cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*

>>fortios>>Versions from 7.4.0(inclusive) to 7.4.1(inclusive)

cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-639	Primary	psirt@fortinet.com

CWE ID: CWE-639

Type: Primary

Source: psirt@fortinet.com

References

Hyperlink	Source	Resource
https://fortiguard.com/psirt/FG-IR-24-013	psirt@fortinet.com	Vendor Advisory

Hyperlink: https://fortiguard.com/psirt/FG-IR-24-013

Source: psirt@fortinet.com

Resource:

Vendor Advisory