cvelistv5 - CVE-2023-50176

CVE-2023-50176

Vulnerability from cvelistv5

Published

2024-11-12 18:53

Modified

2024-11-13 18:31

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P

Summary

A session fixation in Fortinet FortiOS version 7.4.0 through 7.4.3 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.13 allows attacker to execute unauthorized code or commands via phishing SAML authentication link.

References

▼	URL	Tags
	psirt@fortinet.com	https://fortiguard.fortinet.com/psirt/FG-IR-23-475	Vendor Advisory

Impacted products

	Vendor	Product	Version
	Fortinet	FortiOS	Version: 7.4.0 ≤ 7.4.3 Version: 7.2.0 ≤ 7.2.7 Version: 7.0.0 ≤ 7.0.13 cpe:2.3:o:fortinet:fortios:7.4.3:::::::* cpe:2.3:o:fortinet:fortios:7.4.2:::::::* cpe:2.3:o:fortinet:fortios:7.4.1:::::::* cpe:2.3:o:fortinet:fortios:7.4.0:::::::* cpe:2.3:o:fortinet:fortios:7.2.7:::::::* cpe:2.3:o:fortinet:fortios:7.2.6:::::::* cpe:2.3:o:fortinet:fortios:7.2.5:::::::* cpe:2.3:o:fortinet:fortios:7.2.4:::::::* cpe:2.3:o:fortinet:fortios:7.2.3:::::::* cpe:2.3:o:fortinet:fortios:7.2.2:::::::* cpe:2.3:o:fortinet:fortios:7.2.1:::::::* cpe:2.3:o:fortinet:fortios:7.2.0:::::::* cpe:2.3:o:fortinet:fortios:7.0.13:::::::* cpe:2.3:o:fortinet:fortios:7.0.12:::::::* cpe:2.3:o:fortinet:fortios:7.0.11:::::::* cpe:2.3:o:fortinet:fortios:7.0.10:::::::* cpe:2.3:o:fortinet:fortios:7.0.9:::::::* cpe:2.3:o:fortinet:fortios:7.0.8:::::::* cpe:2.3:o:fortinet:fortios:7.0.7:::::::* cpe:2.3:o:fortinet:fortios:7.0.6:::::::* cpe:2.3:o:fortinet:fortios:7.0.5:::::::* cpe:2.3:o:fortinet:fortios:7.0.4:::::::* cpe:2.3:o:fortinet:fortios:7.0.3:::::::* cpe:2.3:o:fortinet:fortios:7.0.2:::::::* cpe:2.3:o:fortinet:fortios:7.0.1:::::::* cpe:2.3:o:fortinet:fortios:7.0.0:::::::*

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-50176",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-13T18:31:16.407439Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-13T18:31:27.279Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               cpes: [
                  "cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*",
                  "cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "FortiOS",
               vendor: "Fortinet",
               versions: [
                  {
                     lessThanOrEqual: "7.4.3",
                     status: "affected",
                     version: "7.4.0",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "7.2.7",
                     status: "affected",
                     version: "7.2.0",
                     versionType: "semver",
                  },
                  {
                     lessThanOrEqual: "7.0.13",
                     status: "affected",
                     version: "7.0.0",
                     versionType: "semver",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A session fixation in Fortinet FortiOS version 7.4.0 through 7.4.3 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.13 allows attacker to execute unauthorized code or commands via phishing SAML authentication link.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:X/RC:X",
                  version: "3.1",
               },
               format: "CVSS",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-384",
                     description: "Execute unauthorized code or commands",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-11-12T18:53:44.324Z",
            orgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            shortName: "fortinet",
         },
         references: [
            {
               name: "https://fortiguard.fortinet.com/psirt/FG-IR-23-475",
               url: "https://fortiguard.fortinet.com/psirt/FG-IR-23-475",
            },
         ],
         solutions: [
            {
               lang: "en",
               value: "Please upgrade to FortiOS version 7.4.4 or above \nPlease upgrade to FortiOS version 7.2.8 or above \nPlease upgrade to FortiOS version 7.0.14 or above",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
      assignerShortName: "fortinet",
      cveId: "CVE-2023-50176",
      datePublished: "2024-11-12T18:53:44.324Z",
      dateReserved: "2023-12-05T13:18:34.865Z",
      dateUpdated: "2024-11-13T18:31:27.279Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2023-50176\",\"sourceIdentifier\":\"psirt@fortinet.com\",\"published\":\"2024-11-12T19:15:07.360\",\"lastModified\":\"2024-12-12T19:27:35.530\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A session fixation in Fortinet FortiOS version 7.4.0 through 7.4.3 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.13 allows attacker to execute unauthorized code or commands via phishing SAML authentication link.\"},{\"lang\":\"es\",\"value\":\"Una fijación de sesión en Fortinet FortiOS versión 7.4.0 a 7.4.3 y 7.2.0 a 7.2.7 y 7.0.0 a 7.0.13 permite a un atacante ejecutar código o comandos no autorizados a través de un enlace de autenticación SAML de phishing.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@fortinet.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-384\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0.0\",\"versionEndExcluding\":\"7.0.14\",\"matchCriteriaId\":\"C119229A-3805-47C1-B3F9-AF1A4007A63B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.0\",\"versionEndExcluding\":\"7.2.8\",\"matchCriteriaId\":\"A6D2A14F-3916-45A0-AD4D-27C60E00AEC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.4.0\",\"versionEndExcluding\":\"7.4.4\",\"matchCriteriaId\":\"1FDDB5F3-D229-4208-9110-8860A03C8B59\"}]}]}],\"references\":[{\"url\":\"https://fortiguard.fortinet.com/psirt/FG-IR-23-475\",\"source\":\"psirt@fortinet.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
      vulnrichment: {
         containers: "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-50176\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-13T18:31:16.407439Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-13T18:31:22.435Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:X/RC:X\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*\"], \"vendor\": \"Fortinet\", \"product\": \"FortiOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.4.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.4.3\"}, {\"status\": \"affected\", \"version\": \"7.2.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.2.7\"}, {\"status\": \"affected\", \"version\": \"7.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.0.13\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Please upgrade to FortiOS version 7.4.4 or above \\nPlease upgrade to FortiOS version 7.2.8 or above \\nPlease upgrade to FortiOS version 7.0.14 or above\"}], \"references\": [{\"url\": \"https://fortiguard.fortinet.com/psirt/FG-IR-23-475\", \"name\": \"https://fortiguard.fortinet.com/psirt/FG-IR-23-475\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A session fixation in Fortinet FortiOS version 7.4.0 through 7.4.3 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.13 allows attacker to execute unauthorized code or commands via phishing SAML authentication link.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-384\", \"description\": \"Execute unauthorized code or commands\"}]}], \"providerMetadata\": {\"orgId\": \"6abe59d8-c742-4dff-8ce8-9b0ca1073da8\", \"shortName\": \"fortinet\", \"dateUpdated\": \"2024-11-12T18:53:44.324Z\"}}}",
         cveMetadata: "{\"cveId\": \"CVE-2023-50176\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-13T18:31:27.279Z\", \"dateReserved\": \"2023-12-05T13:18:34.865Z\", \"assignerOrgId\": \"6abe59d8-c742-4dff-8ce8-9b0ca1073da8\", \"datePublished\": \"2024-11-12T18:53:44.324Z\", \"assignerShortName\": \"fortinet\"}",
         dataType: "CVE_RECORD",
         dataVersion: "5.1",
      },
   },
}

ghsa-cfhv-h3jw-vx5r

Vulnerability from github

Published

2024-11-12 21:30

Modified

2024-11-12 21:30

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
   affected: [],
   aliases: [
      "CVE-2023-50176",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-384",
      ],
      github_reviewed: false,
      github_reviewed_at: null,
      nvd_published_at: "2024-11-12T19:15:07Z",
      severity: "HIGH",
   },
   details: "A session fixation in Fortinet FortiOS version 7.4.0 through 7.4.3 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.13 allows attacker to execute unauthorized code or commands via phishing SAML authentication link.",
   id: "GHSA-cfhv-h3jw-vx5r",
   modified: "2024-11-12T21:30:51Z",
   published: "2024-11-12T21:30:51Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2023-50176",
      },
      {
         type: "WEB",
         url: "https://fortiguard.fortinet.com/psirt/FG-IR-23-475",
      },
   ],
   schema_version: "1.4.0",
   severity: [
      {
         score: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
         type: "CVSS_V3",
      },
   ],
}

wid-sec-w-2024-3438

Vulnerability from csaf_certbund

Published

2024-11-12 23:00

Modified

2024-11-12 23:00

Summary

Fortinet FortiOS undFortiProxy: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

FortiOS ist ein gehärtetes Betriebssystem für FortiGate Plattformen. FortiProxy ist eine Web-Proxy Lösung.

Angriff

Ein anonymer Angreifer kann mehrere Schwachstellen in Fortinet FortiOS und Fortinet FortiProxy ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder Phishing-Angriffe durchzuführen.

Betroffene Betriebssysteme

- Sonstiges

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         text: "mittel",
      },
      category: "csaf_base",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "de-DE",
      notes: [
         {
            category: "legal_disclaimer",
            text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.",
         },
         {
            category: "description",
            text: "FortiOS ist ein gehärtetes Betriebssystem für FortiGate Plattformen.\r\nFortiProxy ist eine Web-Proxy Lösung.",
            title: "Produktbeschreibung",
         },
         {
            category: "summary",
            text: "Ein anonymer Angreifer kann mehrere Schwachstellen in Fortinet FortiOS und Fortinet FortiProxy ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder Phishing-Angriffe durchzuführen.",
            title: "Angriff",
         },
         {
            category: "general",
            text: "- Sonstiges",
            title: "Betroffene Betriebssysteme",
         },
      ],
      publisher: {
         category: "other",
         contact_details: "csaf-provider@cert-bund.de",
         name: "Bundesamt für Sicherheit in der Informationstechnik",
         namespace: "https://www.bsi.bund.de",
      },
      references: [
         {
            category: "self",
            summary: "WID-SEC-W-2024-3438 - CSAF Version",
            url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3438.json",
         },
         {
            category: "self",
            summary: "WID-SEC-2024-3438 - Portal Version",
            url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3438",
         },
         {
            category: "external",
            summary: "FortiGuard PSIRT Advisory FG-IR-23-475 vom 2024-11-12",
            url: "https://www.fortiguard.com/psirt/FG-IR-23-475",
         },
         {
            category: "external",
            summary: "FortiGuard PSIRT Advisory FG-IR-24-033 vom 2024-11-12",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-033",
         },
      ],
      source_lang: "en-US",
      title: "Fortinet FortiOS undFortiProxy: Mehrere Schwachstellen",
      tracking: {
         current_release_date: "2024-11-12T23:00:00.000+00:00",
         generator: {
            date: "2024-11-13T11:47:45.933+00:00",
            engine: {
               name: "BSI-WID",
               version: "1.3.8",
            },
         },
         id: "WID-SEC-W-2024-3438",
         initial_release_date: "2024-11-12T23:00:00.000+00:00",
         revision_history: [
            {
               date: "2024-11-12T23:00:00.000+00:00",
               number: "1",
               summary: "Initiale Fassung",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<7.4.4",
                        product: {
                           name: "Fortinet FortiOS <7.4.4",
                           product_id: "T039001",
                        },
                     },
                     {
                        category: "product_version",
                        name: "7.4.4",
                        product: {
                           name: "Fortinet FortiOS 7.4.4",
                           product_id: "T039001-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:fortinet:fortios:7.4.4",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.2.8",
                        product: {
                           name: "Fortinet FortiOS <7.2.8",
                           product_id: "T039002",
                        },
                     },
                     {
                        category: "product_version",
                        name: "7.2.8",
                        product: {
                           name: "Fortinet FortiOS 7.2.8",
                           product_id: "T039002-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:fortinet:fortios:7.2.8",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.0.14",
                        product: {
                           name: "Fortinet FortiOS <7.0.14",
                           product_id: "T039003",
                        },
                     },
                     {
                        category: "product_version",
                        name: "7.0.14",
                        product: {
                           name: "Fortinet FortiOS 7.0.14",
                           product_id: "T039003-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:fortinet:fortios:7.0.14",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.2.9",
                        product: {
                           name: "Fortinet FortiOS <7.2.9",
                           product_id: "T039004",
                        },
                     },
                     {
                        category: "product_version",
                        name: "7.2.9",
                        product: {
                           name: "Fortinet FortiOS 7.2.9",
                           product_id: "T039004-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:fortinet:fortios:7.2.9",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.6",
                        product: {
                           name: "Fortinet FortiOS <7.6",
                           product_id: "T039005",
                        },
                     },
                     {
                        category: "product_version",
                        name: "7.6",
                        product: {
                           name: "Fortinet FortiOS 7.6",
                           product_id: "T039005-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:fortinet:fortios:7.6",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "FortiOS",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<7.4.4",
                        product: {
                           name: "Fortinet FortiProxy <7.4.4",
                           product_id: "T039006",
                        },
                     },
                     {
                        category: "product_version",
                        name: "7.4.4",
                        product: {
                           name: "Fortinet FortiProxy 7.4.4",
                           product_id: "T039006-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:fortinet:fortiproxy:7.4.4",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.2.10",
                        product: {
                           name: "Fortinet FortiProxy <7.2.10",
                           product_id: "T039007",
                        },
                     },
                     {
                        category: "product_version",
                        name: "7.2.10",
                        product: {
                           name: "Fortinet FortiProxy 7.2.10",
                           product_id: "T039007-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:fortinet:fortiproxy:7.2.10",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.0.17",
                        product: {
                           name: "Fortinet FortiProxy <7.0.17",
                           product_id: "T039008",
                        },
                     },
                     {
                        category: "product_version",
                        name: "7.0.17",
                        product: {
                           name: "Fortinet FortiProxy 7.0.17",
                           product_id: "T039008-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:fortinet:fortiproxy:7.0.17",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "FortiProxy",
               },
            ],
            category: "vendor",
            name: "Fortinet",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-50176",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Fortinet FortiOS. Dieser Fehler existiert wegen einer unsachgemäßen Sitzungsverarbeitung in der SAML-Authentifizierungskomponente. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, indem er einen gefälschten SAML-Authentifizierungslink sendet, der es ihm ermöglicht, die Sitzung des Benutzers zu entführen und unberechtigten Zugriff zu erhalten. Zur erfolgreichen Ausnutzung ist eine Benutzerinteraktion erforderlich.",
            },
         ],
         product_status: {
            known_affected: [
               "T039001",
               "T039003",
               "T039002",
            ],
         },
         release_date: "2024-11-12T23:00:00.000+00:00",
         title: "CVE-2023-50176",
      },
      {
         cve: "CVE-2024-33510",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Fortinet FortiOS und FortiProxy. Dieser Fehler existiert wegen der unsachgemäßen Neutralisierung spezieller Elemente in der SSL-VPN-Web-Benutzeroberfläche. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, indem er manipulierte Anfragen sendet, um Phishing-Versuche durchzuführen. Zur erfolgreichen Ausnutzung ist eine Benutzerinteraktion erforderlich.",
            },
         ],
         product_status: {
            known_affected: [
               "T039001",
               "T039007",
               "T039006",
               "T039008",
               "T039003",
               "T039002",
               "T039005",
               "T039004",
            ],
         },
         release_date: "2024-11-12T23:00:00.000+00:00",
         title: "CVE-2024-33510",
      },
   ],
}

WID-SEC-W-2024-3438

Vulnerability from csaf_certbund

Published

2024-11-12 23:00

Modified

2024-11-12 23:00

Summary

Fortinet FortiOS undFortiProxy: Mehrere Schwachstellen

Notes

Produktbeschreibung

FortiOS ist ein gehärtetes Betriebssystem für FortiGate Plattformen. FortiProxy ist eine Web-Proxy Lösung.

Angriff

Ein anonymer Angreifer kann mehrere Schwachstellen in Fortinet FortiOS und Fortinet FortiProxy ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder Phishing-Angriffe durchzuführen.

Betroffene Betriebssysteme

- Sonstiges

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         text: "mittel",
      },
      category: "csaf_base",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "de-DE",
      notes: [
         {
            category: "legal_disclaimer",
            text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.",
         },
         {
            category: "description",
            text: "FortiOS ist ein gehärtetes Betriebssystem für FortiGate Plattformen.\r\nFortiProxy ist eine Web-Proxy Lösung.",
            title: "Produktbeschreibung",
         },
         {
            category: "summary",
            text: "Ein anonymer Angreifer kann mehrere Schwachstellen in Fortinet FortiOS und Fortinet FortiProxy ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder Phishing-Angriffe durchzuführen.",
            title: "Angriff",
         },
         {
            category: "general",
            text: "- Sonstiges",
            title: "Betroffene Betriebssysteme",
         },
      ],
      publisher: {
         category: "other",
         contact_details: "csaf-provider@cert-bund.de",
         name: "Bundesamt für Sicherheit in der Informationstechnik",
         namespace: "https://www.bsi.bund.de",
      },
      references: [
         {
            category: "self",
            summary: "WID-SEC-W-2024-3438 - CSAF Version",
            url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3438.json",
         },
         {
            category: "self",
            summary: "WID-SEC-2024-3438 - Portal Version",
            url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3438",
         },
         {
            category: "external",
            summary: "FortiGuard PSIRT Advisory FG-IR-23-475 vom 2024-11-12",
            url: "https://www.fortiguard.com/psirt/FG-IR-23-475",
         },
         {
            category: "external",
            summary: "FortiGuard PSIRT Advisory FG-IR-24-033 vom 2024-11-12",
            url: "https://www.fortiguard.com/psirt/FG-IR-24-033",
         },
      ],
      source_lang: "en-US",
      title: "Fortinet FortiOS undFortiProxy: Mehrere Schwachstellen",
      tracking: {
         current_release_date: "2024-11-12T23:00:00.000+00:00",
         generator: {
            date: "2024-11-13T11:47:45.933+00:00",
            engine: {
               name: "BSI-WID",
               version: "1.3.8",
            },
         },
         id: "WID-SEC-W-2024-3438",
         initial_release_date: "2024-11-12T23:00:00.000+00:00",
         revision_history: [
            {
               date: "2024-11-12T23:00:00.000+00:00",
               number: "1",
               summary: "Initiale Fassung",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<7.4.4",
                        product: {
                           name: "Fortinet FortiOS <7.4.4",
                           product_id: "T039001",
                        },
                     },
                     {
                        category: "product_version",
                        name: "7.4.4",
                        product: {
                           name: "Fortinet FortiOS 7.4.4",
                           product_id: "T039001-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:fortinet:fortios:7.4.4",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.2.8",
                        product: {
                           name: "Fortinet FortiOS <7.2.8",
                           product_id: "T039002",
                        },
                     },
                     {
                        category: "product_version",
                        name: "7.2.8",
                        product: {
                           name: "Fortinet FortiOS 7.2.8",
                           product_id: "T039002-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:fortinet:fortios:7.2.8",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.0.14",
                        product: {
                           name: "Fortinet FortiOS <7.0.14",
                           product_id: "T039003",
                        },
                     },
                     {
                        category: "product_version",
                        name: "7.0.14",
                        product: {
                           name: "Fortinet FortiOS 7.0.14",
                           product_id: "T039003-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:fortinet:fortios:7.0.14",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.2.9",
                        product: {
                           name: "Fortinet FortiOS <7.2.9",
                           product_id: "T039004",
                        },
                     },
                     {
                        category: "product_version",
                        name: "7.2.9",
                        product: {
                           name: "Fortinet FortiOS 7.2.9",
                           product_id: "T039004-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:fortinet:fortios:7.2.9",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.6",
                        product: {
                           name: "Fortinet FortiOS <7.6",
                           product_id: "T039005",
                        },
                     },
                     {
                        category: "product_version",
                        name: "7.6",
                        product: {
                           name: "Fortinet FortiOS 7.6",
                           product_id: "T039005-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/o:fortinet:fortios:7.6",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "FortiOS",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "<7.4.4",
                        product: {
                           name: "Fortinet FortiProxy <7.4.4",
                           product_id: "T039006",
                        },
                     },
                     {
                        category: "product_version",
                        name: "7.4.4",
                        product: {
                           name: "Fortinet FortiProxy 7.4.4",
                           product_id: "T039006-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:fortinet:fortiproxy:7.4.4",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.2.10",
                        product: {
                           name: "Fortinet FortiProxy <7.2.10",
                           product_id: "T039007",
                        },
                     },
                     {
                        category: "product_version",
                        name: "7.2.10",
                        product: {
                           name: "Fortinet FortiProxy 7.2.10",
                           product_id: "T039007-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:fortinet:fortiproxy:7.2.10",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "<7.0.17",
                        product: {
                           name: "Fortinet FortiProxy <7.0.17",
                           product_id: "T039008",
                        },
                     },
                     {
                        category: "product_version",
                        name: "7.0.17",
                        product: {
                           name: "Fortinet FortiProxy 7.0.17",
                           product_id: "T039008-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:fortinet:fortiproxy:7.0.17",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "FortiProxy",
               },
            ],
            category: "vendor",
            name: "Fortinet",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-50176",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Fortinet FortiOS. Dieser Fehler existiert wegen einer unsachgemäßen Sitzungsverarbeitung in der SAML-Authentifizierungskomponente. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, indem er einen gefälschten SAML-Authentifizierungslink sendet, der es ihm ermöglicht, die Sitzung des Benutzers zu entführen und unberechtigten Zugriff zu erhalten. Zur erfolgreichen Ausnutzung ist eine Benutzerinteraktion erforderlich.",
            },
         ],
         product_status: {
            known_affected: [
               "T039001",
               "T039003",
               "T039002",
            ],
         },
         release_date: "2024-11-12T23:00:00.000+00:00",
         title: "CVE-2023-50176",
      },
      {
         cve: "CVE-2024-33510",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Fortinet FortiOS und FortiProxy. Dieser Fehler existiert wegen der unsachgemäßen Neutralisierung spezieller Elemente in der SSL-VPN-Web-Benutzeroberfläche. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, indem er manipulierte Anfragen sendet, um Phishing-Versuche durchzuführen. Zur erfolgreichen Ausnutzung ist eine Benutzerinteraktion erforderlich.",
            },
         ],
         product_status: {
            known_affected: [
               "T039001",
               "T039007",
               "T039006",
               "T039008",
               "T039003",
               "T039002",
               "T039005",
               "T039004",
            ],
         },
         release_date: "2024-11-12T23:00:00.000+00:00",
         title: "CVE-2024-33510",
      },
   ],
}

gsd-2023-50176

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2023-50176

Aliases

CVE-2023-50176

JSON

To clipboard

{
   GSD: {
      alias: "CVE-2023-50176",
      id: "GSD-2023-50176",
   },
   gsd: {
      metadata: {
         exploitCode: "unknown",
         remediation: "unknown",
         reportConfidence: "confirmed",
         type: "vulnerability",
      },
      osvSchema: {
         aliases: [
            "CVE-2023-50176",
         ],
         id: "GSD-2023-50176",
         modified: "2023-12-13T01:20:31.346101Z",
         schema_version: "1.4.0",
      },
   },
   namespaces: {
      "cve.org": {
         CVE_data_meta: {
            ASSIGNER: "cve@mitre.org",
            ID: "CVE-2023-50176",
            STATE: "RESERVED",
         },
         data_format: "MITRE",
         data_type: "CVE",
         data_version: "4.0",
         description: {
            description_data: [
               {
                  lang: "eng",
                  value: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.",
               },
            ],
         },
      },
   },
}

fkie_cve-2023-50176

Vulnerability from fkie_nvd

Published

2024-11-12 19:15

Modified

2024-12-12 19:27

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

▼	URL	Tags
	psirt@fortinet.com	https://fortiguard.fortinet.com/psirt/FG-IR-23-475	Vendor Advisory

Impacted products

Vendor	Product	Version
fortinet	fortios	*
fortinet	fortios	*
fortinet	fortios	*

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C119229A-3805-47C1-B3F9-AF1A4007A63B",
                     versionEndExcluding: "7.0.14",
                     versionStartIncluding: "7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6D2A14F-3916-45A0-AD4D-27C60E00AEC0",
                     versionEndExcluding: "7.2.8",
                     versionStartIncluding: "7.2.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1FDDB5F3-D229-4208-9110-8860A03C8B59",
                     versionEndExcluding: "7.4.4",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A session fixation in Fortinet FortiOS version 7.4.0 through 7.4.3 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.13 allows attacker to execute unauthorized code or commands via phishing SAML authentication link.",
      },
      {
         lang: "es",
         value: "Una fijación de sesión en Fortinet FortiOS versión 7.4.0 a 7.4.3 y 7.2.0 a 7.2.7 y 7.0.0 a 7.0.13 permite a un atacante ejecutar código o comandos no autorizados a través de un enlace de autenticación SAML de phishing.",
      },
   ],
   id: "CVE-2023-50176",
   lastModified: "2024-12-12T19:27:35.530",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.6,
            impactScore: 5.9,
            source: "psirt@fortinet.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2024-11-12T19:15:07.360",
   references: [
      {
         source: "psirt@fortinet.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://fortiguard.fortinet.com/psirt/FG-IR-23-475",
      },
   ],
   sourceIdentifier: "psirt@fortinet.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-384",
            },
         ],
         source: "psirt@fortinet.com",
         type: "Primary",
      },
   ],
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2023-50176

Vulnerability from cvelistv5

ghsa-cfhv-h3jw-vx5r

Vulnerability from github

wid-sec-w-2024-3438

Vulnerability from csaf_certbund

WID-SEC-W-2024-3438

Vulnerability from csaf_certbund

gsd-2023-50176

Vulnerability from gsd

fkie_cve-2023-50176

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature