CVE-2023-42783

Summary

A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 and 8.4.2 through 8.4.0 and 8.3.2 through 8.3.0 and 8.2.2 allows attacker to read arbitrary files via crafted http requests.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiWLM8.6.0 <= 8.6.6affected
FortinetFortiWLM8.5.0 <= 8.5.4affected
FortinetFortiWLM8.4.0 <= 8.4.2affected
FortinetFortiWLM8.3.0 <= 8.3.2affected
FortinetFortiWLM8.2.2affected

Weaknesses

  • CWE-23: Information disclosure

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References