7.3.1

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

fortinet

NVD

Published: 2023-04-11

Updated: 2023-11-07

Summary

A improper neutralization of special elements used in a template engine vulnerability in Fortinet FortiSOAR 7.3.0 through 7.3.1 allows an authenticated, remote attacker to execute arbitrary code via a crafted payload.

Vulnerable Configurations

Part	Description	Count
Application	Fortinet Fortinet Fortisoar 7.3.0 Fortinet Fortisoar 7.3.1	2

References

https://fortiguard.com/psirt/FG-IR-23-051