216.73.217.172

CVE-2023-44255

· Published 12/11/2024 19:15 · Modified 13/11/2024 17:01

Labels: CVE-2023-44255 2024-11-12CVE-2023-44255CWE-359[email protected]

Essential information

Published
12/11/2024 19:15
Modified
13/11/2024 17:01
Author
Creator
CVSS
4.1 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N

CVSS metrics

Description

An exposure of sensitive information to an unauthorized actor [CWE-200] in Fortinet FortiManager before 7.4.2, FortiAnalyzer before 7.4.2 and FortiAnalyzer-BigData before 7.2.5 may allow a privileged attacker with administrative read permissions to read event logs of another adom via crafted HTTP or HTTPs requests.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References