CVE-2023-50181: An improper access control vulnerability [CWE-284] in Fortinet FortiADC version 7.4.0 through 7.4.1 and before 7.2.4 allows a read only authenticated attacker…

medium6.5CVSS 3.1

AVNACLPRLUINSUCNIHAN

An improper access control vulnerability [CWE-284] in Fortinet FortiADC version 7.4.0 through 7.4.1 and before 7.2.4 allows a read only authenticated attacker to perform some write actions via crafted HTTP or HTTPS requests.

Affected

11 ranges

Vendor	Product	Version range	Fixed in
fortinet	fortiadc	—	—
fortinet	fortiadc	>= 6.0.0 < 7.2.5	7.2.5
fortinet	fortiadc	6.0.0 – 6.0.4	—
fortinet	fortiadc	6.1.0 – 6.1.6	—
fortinet	fortiadc	6.2.0 – 6.2.6	—
fortinet	fortiadc	7.0.0 – 7.0.5	—
fortinet	fortiadc	7.1.0 – 7.1.4	—
fortinet	fortiadc	7.2.0 – 7.2.4	—
fortinet	fortiadc	>= 7.4.0 < 7.4.2	7.4.2
fortinet	fortiadc	7.4.0 – 7.4.1	—
fortinet	fortinet	—	—