VDB
CVE-2023-48789
CVE-2023-48789
PUBLISHED
CVSS 4.099999904632568 MEDIUM
A client-side enforcement of server-side security in Fortinet FortiPortal version 6.0.0 through 6.0.14 allows attacker to improper access control via crafted HTTP requests.
EPSS 0.58% · 69.2th percentile
Risk Scores
CVSS 3.1
4.099999904632568
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:X
EPSS Score
0.58%
69.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fortinet | FortiPortal | 6.0.0 |
| fortinet | fortiportal | 6.0.0 |
Exploit Intelligence
Timeline
- May 15, 2024 CVE Published
- Jun 3, 2024 EPSS Score
- Jun 26, 2024 EPSS Score
- Jul 20, 2024 EPSS Score
- Aug 12, 2024 EPSS Score
- Sep 4, 2024 EPSS Score
- Sep 27, 2024 EPSS Score
- Oct 5, 2024 Coalition ESS Score
- Oct 21, 2024 EPSS Score
- Nov 13, 2024 EPSS Score
- Dec 7, 2024 EPSS Score
- Dec 30, 2024 EPSS Score
References
- https://www.fortiguard.com/psirt/FG-IR-23-225 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-040 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-282 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-406 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-137 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-222 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-052 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-474 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-195 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-433 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-021 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-420 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-054 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-465 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-415 advisory
- https://www.fortiguard.com/psirt/FG-IR-23-191 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-017 advisory
- https://www.fortiguard.com/psirt/FG-IR-24-120 advisory
- https://fortiguard.fortinet.com/psirt/FG-IR-23-406 url
- https://nvd.nist.gov/vuln/detail/CVE-2023-48789 advisory