CVE-2023-36554
Published 2024-03-12
Priority: P2 · 60 · Critical 9.8 (CVSS 3.1)
CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.77% (50.8th percentile)
An improper access control vulnerability in Fortinet FortiManager version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.10, version 6.4.0 through 6.4.13, and all 6.2 versions allows an attacker to execute unauthorized code or commands via specially crafted HTTP requests.
Affected (7 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortimanager | — | — |
| fortinet | fortimanager | — | — |
| fortinet | fortimanager | 6.2.0 – 6.2.12 | — |
| fortinet | fortimanager | 6.4.0 – 6.4.13 | — |
| fortinet | fortimanager | 7.0.0 – 7.0.10 | — |
| fortinet | fortimanager | 7.2.0 – 7.2.3 | — |
| fortinet | fortinet | — | — |
Detection & IOCs (extracted from sources)
- Exploit vector is via specially crafted HTTP requests targeting backup and restore features in FortiManager; monitor for unauthorized HTTP requests to FortiManager backup/restore endpoints.
- The vulnerability is an improper access control (CWE-284) in FortiManager backup and restore features; monitor for unauthenticated or unauthorized access attempts to these specific functional areas.
- Affected versions span a wide range: FortiManager 7.4.0, 7.2.0–7.2.3, 7.0.0–7.0.10, 6.4.0–6.4.13, and all 6.2.x versions; ensure detection coverage applies to all deployed versions in this range.
GHSA
GHSA-qxp3-9pp5-5ph4: An improper access control in Fortinet FortiManager version 7
ghsa_unreviewed · 2024-03-12
CVE-2023-36554 [HIGH] · CWE-284
Fortinet
FG-IR-23-103: Improper access control in backup and restore features
vendor_fortinet · 2024-03-12 · CVSS 8.1
CVE-2023-36554 [HIGH] · CWE-284
CVEs: CVE-2023-36554
CWEs: CWE-284
CVSS: 8.1 (high)
Affected products: FortiManager, Fortinet
No detection rules found.
No public exploits indexed.
Published: 2024-03-12