VDB
CVE-2023-42783
CVE-2023-42783
PUBLISHED
CVSS 5.300000190734863 MEDIUM
An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to see and modify the title of address book folders of other users via crafted HTTP or HTTPs requests.
EPSS 0.66% · 71.4th percentile
Risk Scores
CVSS v3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:F/RL:X/RC:C
EPSS Score
0.66%
71.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fortinet | FortiMail | 7.2.0, 7.0.0, 6.4.0 |
Timeline
- Nov 14, 2023 CVE Published
- Nov 15, 2023 EPSS Score
- Dec 15, 2023 EPSS Score
- Jan 14, 2024 EPSS Score
- Feb 14, 2024 EPSS Score
- Mar 15, 2024 EPSS Score
- Apr 14, 2024 EPSS Score
- May 14, 2024 EPSS Score
- Jun 13, 2024 EPSS Score
- Jul 13, 2024 EPSS Score
- Aug 13, 2024 EPSS Score
- Aug 30, 2024 CVE Updated
References
- https://www.fortiguard.com/psirt/FG-IR-22-299 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-306 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-274 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-385 advisory
- https://www.fortiguard.com/psirt/FG-IR-22-518 advisory
- https://www.fortiguard.com/psirt/FG-IR-22-292 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-108 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-290 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-287 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-064 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-135 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-177 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-061 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-151 advisory
- https://www.fortiguard.com/psirt/FG-IR-22-396 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-143 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-142 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-203 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-265 advisory
- https://fortiguard.com/psirt/FG-IR-23-203 url