CVE-2023-44252

Summary

** UNSUPPORTED WHEN ASSIGNED **An improper authentication vulnerability [CWE-287] in Fortinet FortiWAN version 5.2.0 through 5.2.1 and version 5.1.1 through 5.1.2 may allow an authenticated attacker to escalate his privileges via HTTP or HTTPs requests with crafted JWT token values.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiWAN5.2.0 <= 5.2.1affected
FortinetFortiWAN5.1.1 <= 5.1.2affected

Weaknesses

  • CWE-287: Improper access control

ADP Enrichment

CVE Program Container

Additional References

References