CVE-2023-22641

CVSS V2 None CVSS V3 None
Description
A url redirection to untrusted site ('open redirect') in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.9, FortiOS versions 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specially crafted requests.
Overview
  • CVE ID
  • CVE-2023-22641
  • Assigner
  • psirt@fortinet.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-04-11T17:15:08
  • Last Modified Date
  • 2023-04-18T18:15:48
Weakness Enumerations
CWE URL
CWE-601 http://cwe.mitre.org/data/definitions/601.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* 1 OR 1.0.0 2.0.12
cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* 1 OR 7.0.0 7.0.9
cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* 1 OR 7.2.0 7.2.3
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* 1 OR 6.0.0 6.4.13
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* 1 OR 7.0.0 7.0.11
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* 1 OR 7.2.0 7.2.4
References
Reference URL Reference Tags
https://fortiguard.com/psirt/FG-IR-22-479
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2023-22641
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22641
History
Created Old Value New Value Data Type Notes
2023-04-17 04:31:32 Added to TrackCVE
2023-04-17 17:00:48 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-04-18 19:00:47 2023-04-18T18:15:48 CVE Modified Date updated
2023-04-18 19:00:47 Undergoing Analysis Analyzed Vulnerability Status updated
2023-04-18 19:00:50 Weakness Enumeration new
2023-04-18 19:00:52 CPE Information updated