CVE-2023-41678
published 2023-12-13CVE-2023-41678: A double free in Fortinet FortiOS versions 7.0.0 through 7.0.5, FortiPAM version 1.0.0 through 1.0.3, 1.1.0 through 1.1.1 allows attacker to execute…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
A double free in Fortinet FortiOS versions 7.0.0 through 7.0.5, FortiPAM version 1.0.0 through 1.0.3, 1.1.0 through 1.1.1 allows attacker to execute unauthorized code or commands via specifically crafted request.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | activemq | >= 0 < 5.16.1-1ubuntu0.1 | 5.16.1-1ubuntu0.1 |
| fortinet | fortinet | — | — |
| fortinet | fortios | — | — |
| fortinet | fortios | — | — |
| fortinet | fortios | — | — |
| fortinet | fortios | — | — |
| fortinet | fortios | — | — |
| fortinet | fortios | — | — |
| fortinet | fortios | — | — |
| fortinet | fortios | 7.0.0 – 7.0.5 | — |
| fortinet | fortipam | — | — |
| fortinet | fortipam | — | — |
| fortinet | fortipam | — | — |
| fortinet | fortipam | — | — |
| fortinet | fortipam | — | — |
| fortinet | fortipam | — | — |
| fortinet | fortipam | — | — |
| fortinet | fortipam | 1.0.0 – 1.0.3 | — |
| fortinet | fortipam | 1.1.0 – 1.1.1 | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv8.8HIGH