CVE-2024-23105

High

A Use Of Less Trusted Source [CWE-348] vulnerability in Fortinet FortiPortal version 7.0.0 through 7.0.6 and version 7.2.0 through 7.2.1…

fortinet·CWE-348·Published 2024-05-14

CVSS

7.5

EPSS

0.00

KEV

Exploits

cve.orgen

232 chars

A Use Of Less Trusted Source [CWE-348] vulnerability in Fortinet FortiPortal version 7.0.0 through 7.0.6 and version 7.2.0 through 7.2.1 allows an unauthenticated attack to bypass IP protection through crafted HTTP or HTTPS packets.

NVDen

232 chars

NVDes

238 chars

Una vulnerabilidad de uso de fuente menos confiable [CWE-348] en Fortinet FortiPortal versión 7.0.0 a 7.0.6 y versión 7.2.0 a 7.2.1 permite que un ataque no autenticado evite la protección IP a través de paquetes HTTP o HTTPS manipulados.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	7.5	1.6	5.9	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	7.1	—	—	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C