What are the vulnerabilities all about?

Fortinet has fixed security vulnerabilities in FortiOS, FortiWeb and FortiSandbox

Fortinet Vulnerabilities

FortiOS

Severity: Medium
Fix/Workaround: upgrade
CVE: CVE-2023-46714
Vulnerability Description:
Buffer overflow in administrative interface
A stack-based buffer overflow [CWE-121] vulnerability in FortiOS administrative interface may allow a privileged attacker to execute arbitrary code or commands via crafted HTTP or HTTPS requests.

Severity: Medium
Fix/Workaround: upgrade
CVE: CVE-2023-45586
Vulnerability Description:
SSL-VPN user IP spoofing
An insufficient verification of data authenticity vulnerability [CWE-345] in FortiOS & FortiProxy SSL-VPN tunnel mode may allow an authenticated VPN user to send (but not receive) packets spoofing the IP of another user via crafted network packets.

Severity: Medium
Fix/Workaround: upgrade
CVE: CVE-2024-26007
Vulnerability Description:
Node.js crash over administrative interface
An improper check or handling of exceptional conditions vulnerability [CWE-703] in FortiOS version 7.4.1 may allow an unauthenticated attacker to perform a temporary denial of service attack on the administrative interface via crafted HTTP requests.

Severity: Medium
Fix/Workaround: upgrade
CVE: CVE-2023-36640 and CVE-2023-45583
Vulnerability Description:
Format String Bug in CLI command
Multiple format string bug vulnerabilities [CWE-134] in FortiOS, FortiProxy, FortiPAM & FortiSwitchManager command line interpreter and httpd may allow an authenticated attacker to achieve arbitrary code execution via specifically crafted commands and HTTP requests.

Severity: Medium
Fix/Workaround: upgrade
CVE: CVE-2023-44247
Vulnerability Description:
Double free with double usage of json_object_put
A double free vulnerability [CWE-415] in FortiOS may allow a privileged attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests.

FortiWeb

Severity: Medium
Fix/Workaround: upgrade
CVE: CVE-2024-23665
Vulnerability Description:
Unauthorized ADOM operations
Multiple improper authorization vulnerabilities [CWE-285] in FortiWeb may allow an authenticated attacker to perform unauthorized ADOM operations via crafted requests.

Severity: Medium
Fix/Workaround: upgrade
CVE: CVE-2024-23107
Vulnerability Description:
Read-only administrator can see passwords' hashes
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiWeb may allow an authenticated attacker to read password hashes of other administrators via CLI commands or HTTP requests.

FortiSandbox

Severity: High
Fix/Workaround: upgrade
CVE: CVE-2024-31491
Vulnerability Description:
Readonly user could execute sensitive operations
A client-side enforcement of server-side security vulnerability [CWE-602] in FortiSandbox may allow an authenticated attacker with at least read-only permission to download or upload configuration.