CVE-2023-36635
published 2023-09-07CVE-2023-36635: An improper access control in Fortinet FortiSwitchManager version 7.2.0 through 7.2.2 7.0.0 through 7.0.1 may allow a remote authenticated read-only user to…
medium4.3CVSS 3.1
AVNACLPRLUINSUCNILAN
An improper access control in Fortinet FortiSwitchManager version 7.2.0 through 7.2.2
7.0.0 through 7.0.1 may allow a remote authenticated read-only user to modify the interface settings via the API.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinet | — | — |
| fortinet | fortios | — | — |
| fortinet | fortiswitchmanager | — | — |
| fortinet | fortiswitchmanager | — | — |
| fortinet | fortiswitchmanager | — | — |
| fortinet | fortiswitchmanager | — | — |
| fortinet | fortiswitchmanager | — | — |
| fortinet | fortiswitchmanager | — | — |
| fortinet | fortiswitchmanager | 7.0.0 – 7.0.1 | — |
| fortinet | fortiswitchmanager | 7.2.0 – 7.2.2 | — |