A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows attacker to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC versions 8.x will not be fixed.
References
Link | Resource |
---|---|
https://fortiguard.com/psirt/FG-IR-23-074 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: fortinet
Published: 2023-06-23T07:46:37.499Z
Updated: 2023-06-23T07:46:37.499Z
Reserved: 2023-05-22T07:58:22.196Z
Link: CVE-2023-33299
JSON object: View
NVD Information
Status : Modified
Published: 2023-06-23T08:15:09.483
Modified: 2023-11-07T04:14:50.620
Link: CVE-2023-33299
JSON object: View
Redhat Information
No data.
CWE