CVE-2023-42783

CWE-23 | 4 documents | 4 sources
Severity: 7.5 HIGH
EPSS: 0.7% (top 28.93%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Nov 14

Description

A relative path traversal in Fortinet FortiWLM versions 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.4.2 through 8.4.0, 8.3.2 through 8.3.0, and 8.2.2 allows an attacker to read arbitrary files via crafted HTTP requests.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 | Impact: 3.6

Affected Packages (2 packages)

CVEListV5 | fortinet/fortiwlm | 8.6.0 | 8.6.6 | +4
NVD | fortinet/fortiwlm | 8.5.0 | 8.5.4 | +8

🔴 Vulnerability Details (2)

CVEList | CVE-2023-42783: A relative path traversal in Fortinet FortiWLM version 8 | 2023-11-14
GHSA | GHSA-4rfh-v443-hvgh: A relative path traversal in Fortinet FortiWLM version 8 | 2023-11-14

📋 Vendor Advisories (1)

Fortinet | A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 and 8.4.2 through 8.4... | 2023-11-14