CVE-2023-25603 - OpenCVE

A permissive cross-domain policy with untrusted domains vulnerability in Fortinet FortiADC 7.1.0 - 7.1.1, FortiDDoS-F 6.3.0 - 6.3.4 and 6.4.0 - 6.4.1 allow an unauthorized attacker to carry out privileged actions and retrieve sensitive information via crafted web requests.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Fortinet	Fortiadc Fortiddos-f

Configuration 1 [-]

OR	cpe:2.3:a:fortinet:fortiadc:7.1.0:::::::*
	cpe:2.3:a:fortinet:fortiadc:7.1.1:::::::*

Configuration 2 [-]

OR	cpe:2.3:a:fortinet:fortiddos-f::::::::
	cpe:2.3:a:fortinet:fortiddos-f:6.4.0:::::::*
	cpe:2.3:a:fortinet:fortiddos-f:6.4.1:::::::*

References

Link	Resource
https://fortiguard.com/psirt/FG-IR-22-518	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: fortinet

Published: 2023-11-14T18:08:16.641Z

Updated: 2023-11-14T18:08:16.641Z

Reserved: 2023-02-08T13:42:03.366Z

Link: CVE-2023-25603

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-11-14T19:15:19.570

Modified: 2023-11-20T20:52:25.217

Link: CVE-2023-25603

JSON object: View

Redhat Information

No data.

CWE

CWE-942

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiadc:7.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B35D8D53-448B-474C-B7CB-324CB4ED7A82", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiadc:7.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "933701AE-43E3-4260-973B-4EA09C375965", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiddos-f:*:*:*:*:*:*:*:*", "matchCriteriaId": "D373DFA1-A7F4-4E5F-9F52-62C903E60EDA", "versionEndIncluding": "6.3.4", "versionStartIncluding": "6.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiddos-f:6.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "A9C4E7CA-746B-4542-9E83-AC75C3DAB1FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortiddos-f:6.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "A3BE2AD7-5D1D-4184-AE2E-80DF59E968C4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A permissive cross-domain policy with untrusted domains vulnerability in Fortinet FortiADC 7.1.0 - 7.1.1, FortiDDoS-F 6.3.0 - 6.3.4 and 6.4.0 - 6.4.1 allow an unauthorized attacker to carry out privileged actions and retrieve sensitive information via crafted web requests."}, {"lang": "es", "value": "Una pol\u00edtica permisiva entre dominios con vulnerabilidad de dominios que no son de confianza en Fortinet FortiADC 7.1.0 - 7.1.1, FortiDDoS-F 6.3.0 - 6.3.4 y 6.4.0 - 6.4.1 permite a un atacante no autorizado realizar acciones privilegiadas y recuperar informaci\u00f3n confidencial a trav\u00e9s de solicitudes web manipuladas."}], "id": "CVE-2023-25603", "lastModified": "2023-11-20T20:52:25.217", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "psirt@fortinet.com", "type": "Secondary"}]}, "published": "2023-11-14T19:15:19.570", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/psirt/FG-IR-22-518"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-942"}], "source": "psirt@fortinet.com", "type": "Primary"}]}