CVE-2023-42783 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-42783 PUBLISHED CVSS 5.300000190734863 MEDIUM

An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to see and modify the title of address book folders of other users via crafted HTTP or HTTPs requests.

EPSS 0.66% · 70.9th percentile

Risk Scores

CVSS v3.1

5.300000190734863

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:F/RL:X/RC:C

EPSS Score

0.66%

70.9th percentile

Affected Products

Vendor	Product	Versions
Fortinet	FortiMail	7.2.0, 7.0.0, 6.4.0

Timeline

Nov 14, 2023 CVE Published
Nov 15, 2023 EPSS Score
Dec 15, 2023 EPSS Score
Jan 13, 2024 EPSS Score
Feb 12, 2024 EPSS Score
Mar 13, 2024 EPSS Score
Apr 11, 2024 EPSS Score
May 11, 2024 EPSS Score
Jun 10, 2024 EPSS Score
Jul 9, 2024 EPSS Score
Aug 8, 2024 EPSS Score
Aug 30, 2024 CVE Updated

References

https://www.fortiguard.com/psirt/FG-IR-22-299 advisory
https://www.fortiguard.com/psirt/FG-IR-23-306 advisory
https://www.fortiguard.com/psirt/FG-IR-23-274 advisory
https://www.fortiguard.com/psirt/FG-IR-23-385 advisory
https://www.fortiguard.com/psirt/FG-IR-22-518 advisory
https://www.fortiguard.com/psirt/FG-IR-22-292 advisory
https://www.fortiguard.com/psirt/FG-IR-23-108 advisory
https://www.fortiguard.com/psirt/FG-IR-23-290 advisory
https://www.fortiguard.com/psirt/FG-IR-23-287 advisory
https://www.fortiguard.com/psirt/FG-IR-23-064 advisory
https://www.fortiguard.com/psirt/FG-IR-23-135 advisory
https://www.fortiguard.com/psirt/FG-IR-23-177 advisory
https://www.fortiguard.com/psirt/FG-IR-23-061 advisory
https://www.fortiguard.com/psirt/FG-IR-23-151 advisory
https://www.fortiguard.com/psirt/FG-IR-22-396 advisory
https://www.fortiguard.com/psirt/FG-IR-23-143 advisory
https://www.fortiguard.com/psirt/FG-IR-23-142 advisory
https://www.fortiguard.com/psirt/FG-IR-23-203 advisory
https://www.fortiguard.com/psirt/FG-IR-23-265 advisory
https://fortiguard.com/psirt/FG-IR-23-203 url

Open in Interactive Console →