CVE-2023-46712

Summary

A improper access control in Fortinet FortiPortal version 7.0.0 through 7.0.6, Fortinet FortiPortal version 7.2.0 through 7.2.1 allows attacker to escalate its privilege via specifically crafted HTTP requests.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiPortal7.2.0 <= 7.2.1affected
FortinetFortiPortal7.0.0 <= 7.0.6affected

Weaknesses

  • CWE-284: Escalation of privilege

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References