CVE-2023-46715 — Origin Validation Error in Fortinet Fortios

CWE-346 — Origin Validation Error4 documents4 sources

Severity

4.3MEDIUMNVD

CNA5.0

EPSS

0.2%

top 58.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Fortinet Fortios Fortinet Fortiproxy

Timeline

PublishedJan 14

Description

An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send (but not receive) packets spoofing the IP of another user via crafted network packets.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages3 packages

▶NVDfortinet/fortios6.2.0 — 7.4.2

▶CVEListV5fortinet/fortios7.4.0 — 7.4.1+4

▶CVEListV5fortinet/fortiproxy7.4.0 — 7.4.1+2

🔴Vulnerability Details

CVEList

CVE-2023-46715: An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7↗2025-01-14

▶

GHSA

GHSA-65xx-qhj3-cvp8: An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7↗2025-01-14

▶

📋Vendor Advisories

Fortinet

IPsec dynamic assignation IP spoofing↗2025-01-14

▶