Vulnerabilities > CVE-2024-23105 - Unspecified vulnerability in Fortinet Fortiportal

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

high complexity

fortinet

NVD

Published: 2024-05-14

Updated: 2024-11-21

Summary

A Use Of Less Trusted Source [CWE-348] vulnerability in Fortinet FortiPortal version 7.0.0 through 7.0.6 and version 7.2.0 through 7.2.1 allows an unauthenticated attack to bypass IP protection through crafted HTTP or HTTPS packets.

Vulnerable Configurations

Part	Description	Count
Application	Fortinet Fortinet Fortiportal 7.0.0 Fortinet Fortiportal 7.0.1 Fortinet Fortiportal 7.0.2 Fortinet Fortiportal 7.0.3 Fortinet Fortiportal 7.0.4 Fortinet Fortiportal 7.0.5 Fortinet Fortiportal 7.0.6 Fortinet Fortiportal 7.2.0 Fortinet Fortiportal 7.2.1	9

References

https://fortiguard.com/psirt/FG-IR-24-021
https://fortiguard.com/psirt/FG-IR-24-021