VDB
CVE-2023-22637
CVE-2023-22637
PUBLISHED
CVSS 5.900000095367432 MEDIUM
A URL redirection to untrusted site ('Open Redirect') vulnerability [CWE-601] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.1 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an unauthenticated attacker to redirect users to any arbitrary website via a crafted URL.
EPSS 0.60% · 69.7th percentile
Risk Scores
CVSS 3.1
5.900000095367432
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
EPSS Score
0.60%
69.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fortinet | FortiNAC | 9.2.0, 9.1.0, 8.7.0 |
| fortinet | fortinac-f | 7.2.0, 7.2.0, 7.2.0 |
| fortinet | fortinac | 8.7.0, 8.7.0, 8.7.0 |
Timeline
- May 3, 2023 CVE Published
- May 4, 2023 EPSS Score
- Jun 10, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Aug 23, 2023 EPSS Score
- Sep 29, 2023 EPSS Score
- Nov 5, 2023 EPSS Score
- Dec 12, 2023 EPSS Score
- Jan 18, 2024 EPSS Score
- Feb 24, 2024 EPSS Score
- Apr 1, 2024 EPSS Score
- May 8, 2024 EPSS Score
References
- https://fortiguard.com/psirt/FG-IR-23-013 url
- https://nvd.nist.gov/vuln/detail/CVE-2023-22637 advisory
- https://www.fortiguard.com/psirt/FG-IR-22-456 advisory
- https://www.fortiguard.com/psirt/FG-IR-22-520 advisory
- https://www.fortiguard.com/psirt/FG-IR-22-475 advisory
- https://www.fortiguard.com/psirt/FG-IR-22-297 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-013 advisory
- https://www.fortiguard.com/psirt/FG-IR-22-464 advisory
- https://www.fortiguard.com/psirt/FG-IR-22-407 advisory
- https://www.fortiguard.com/psirt/FG-IR-22-452 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-069 advisory
- https://fortiguard.com/psirt/FG-IR-22-407 url