CVE-2023-50180

CWE-4974 documents4 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 65.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Fortinet Fortiadc
Timeline
PublishedMay 14

Description

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiADC version 7.4.1 and below, version 7.2.3 and below, version 7.1.4 and below, version 7.0.5 and below, version 6.2.6 and below may allow a read-only admin to view data pertaining to other admins.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5fortinet/fortiadc7.4.07.4.1+4
NVDfortinet/fortiadc7.0.07.0.5+5

🔴Vulnerability Details

2
GHSA
GHSA-x49q-j7fx-rrwj: An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiADC version 72024-05-14
CVEList
CVE-2023-50180: An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiADC version 72024-05-14

📋Vendor Advisories

1
Fortinet
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiADC versio...2024-05-14
CVE-2023-50180 (MEDIUM CVSS 5.5) | An exposure of sensitive system inf | cvebase.io