VDB

CVE-2023-22637

CVE-2023-22637 PUBLISHED CVSS 5.900000095367432 MEDIUM

A URL redirection to untrusted site ('Open Redirect') vulnerability [CWE-601] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.1 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an unauthenticated attacker to redirect users to any arbitrary website via a crafted URL.

EPSS 0.60% · 69.7th percentile

Risk Scores

CVSS 3.1
5.900000095367432
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
EPSS Score
0.60%
69.7th percentile

Affected Products

VendorProductVersions
FortinetFortiNAC9.2.0, 9.1.0, 8.7.0
fortinetfortinac-f7.2.0, 7.2.0, 7.2.0
fortinetfortinac8.7.0, 8.7.0, 8.7.0

Timeline

  • May 3, 2023 CVE Published
  • May 4, 2023 EPSS Score
  • Jun 10, 2023 EPSS Score
  • Jul 17, 2023 EPSS Score
  • Aug 23, 2023 EPSS Score
  • Sep 29, 2023 EPSS Score
  • Nov 5, 2023 EPSS Score
  • Dec 12, 2023 EPSS Score
  • Jan 18, 2024 EPSS Score
  • Feb 24, 2024 EPSS Score
  • Apr 1, 2024 EPSS Score
  • May 8, 2024 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›