CVE-2023-42782

CVSS V2 None CVSS V3 None
Description
A insufficient verification of data authenticity vulnerability [CWE-345] in FortiAnalyzer version 7.4.0 and below 7.2.3 allows a remote unauthenticated attacker to send messages to the syslog server of FortiAnalyzer via the knoweldge of an authorized device serial number.
Overview
  • CVE ID
  • CVE-2023-42782
  • Assigner
  • fortinet
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-10-10T16:50:26.310Z
  • Last Modified Date
  • 2023-10-10T16:50:26.310Z
References
Reference URL Reference Tags
https://fortiguard.com/psirt/FG-IR-23-221
History
Created Old Value New Value Data Type Notes
2024-06-25 14:17:35 Added to TrackCVE