{"vulnerability": "CVE-2023-3655", "sightings": [{"uuid": "fc9df4ca-cc05-474c-b4e3-071dc0529935", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36558", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13945", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-36558\n\ud83d\udd25 CVSS Score: 6.2 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C)\n\ud83d\udd39 Description: ASP.NET Core Security Feature Bypass Vulnerability\n\ud83d\udccf Published: 2023-11-14T21:35:31.499Z\n\ud83d\udccf Modified: 2025-04-29T23:34:51.569Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36558", "creation_timestamp": "2025-04-30T00:12:26.000000Z"}, {"uuid": "517eacf8-7679-4f08-b0fb-2ab9f03a9deb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36553", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5919", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-36553 unauthenticated RCE PoC for Fortinet Fortisiem\nURL\uff1ahttps://github.com/kenit7s/CVE-2023-36553-RCE\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-23T05:07:09.000000Z"}, {"uuid": "78b72546-7bd8-4f04-b209-9c10565a769a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3655", "type": "seen", "source": "https://t.me/cibsecurity/71472", "content": "\u203c CVE-2023-3655 \u203c\n\ncashIT! - serving solutions. Devices from \"PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH\" to 03.A06rks 2023.02.37 are affected by a dangerous methods, that allows to leak the database (system settings, user accounts,...).\u00c2\u00a0This vulnerability can be triggered by an HTTP endpoint exposed to the network.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-03T12:41:12.000000Z"}, {"uuid": "724946b1-a4cd-40b4-aef1-f3e2b5abf0c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36554", "type": "seen", "source": "https://t.me/arpsyndicate/4189", "content": "#ExploitObserverAlert\n\nCVE-2023-36554\n\nDESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2023-36554. A improper access control in Fortinet FortiManager version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.10, version 6.4.0 through 6.4.13, 6.2 all versions allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.", "creation_timestamp": "2024-03-13T21:42:37.000000Z"}, {"uuid": "16930d82-487c-471f-b4e3-96a6a4b5b6dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36559", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11727", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-36559\n\ud83d\udd25 CVSS Score: 4.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Edge (Chromium-based) Spoofing Vulnerability\n\ud83d\udccf Published: 2023-10-13T20:36:10.925Z\n\ud83d\udccf Modified: 2025-04-14T22:46:41.145Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36559", "creation_timestamp": "2025-04-14T22:53:57.000000Z"}, {"uuid": "187df3c4-3dbb-4fc3-9ee1-af2414679460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36553", "type": "seen", "source": "https://t.me/arpsyndicate/351", "content": "#ExploitObserverAlert\n\nCVE-2023-36553\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-36553. A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 5.4.0 and 5.3.0 through 5.3.3 and 5.2.5 through 5.2.8 and 5.2.1 through 5.2.2 and 5.1.0 through 5.1.3 and 5.0.0 through 5.0.1 and 4.10.0 and 4.9.0 and 4.7.2 allows attacker to execute unauthorized code or commands via crafted API requests.\n\nFIRST-EPSS: 0.000430000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-22T15:19:30.000000Z"}, {"uuid": "a8cb7566-b299-4d08-a0db-797023e7da73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36553", "type": "seen", "source": "https://t.me/CyberSecurityIL/32193", "content": "\u05de\u05e9\u05ea\u05de\u05e9\u05d9\u05dd \u05d1\u05de\u05d5\u05e6\u05e8 Forti Siem \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea \u05e4\u05d5\u05e8\u05d8\u05d9\u05e0\u05d8? \u05e9\u05d9\u05de\u05d5 \u05dc\u05d1 \u05dc\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05d7\u05d3\u05e9\u05d4 (9.8) - CVE-2023-36553\n\n\u05e4\u05e8\u05d8\u05d9\u05dd \u05e0\u05d5\u05e1\u05e4\u05d9\u05dd - \u05db\u05d0\u05df\n\n#\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea", "creation_timestamp": "2023-11-16T18:04:06.000000Z"}, {"uuid": "4f4efd2a-4066-4790-84cb-82ffaf639a50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36555", "type": "seen", "source": "https://t.me/cibsecurity/71973", "content": "\u203c CVE-2023-36555 \u203c\n\nAn improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiOS 7.2.0 - 7.2.4 allows an attacker to execute unauthorized code or commands via the SAML and Security Fabric components.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T20:16:54.000000Z"}, {"uuid": "39d3dc41-d9c4-4edc-9a12-077a97613180", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36556", "type": "seen", "source": "https://t.me/cibsecurity/71968", "content": "\u203c CVE-2023-36556 \u203c\n\nAn incorrect authorization vulnerability [CWE-863] in FortiMail webmail version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.5 and below 6.4.7 allows an authenticated attacker to login on other users accounts from the same web domain via crafted HTTP or HTTPs requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T20:16:49.000000Z"}, {"uuid": "6385b373-d854-408b-ae37-4bf043dbdc73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36553", "type": "seen", "source": "https://t.me/true_secator/5096", "content": "Fortinet \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0435 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 FortiSIEM, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u043c\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0447\u0435\u0440\u0435\u0437 \u0437\u0430\u043f\u0440\u043e\u0441\u044b API.\n\nFortinet \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u0430\u043a CVE-2023-36553 \u0438 \u043f\u0440\u043e\u0441\u0432\u043e\u0438\u043b\u0430 \u0435\u0439 \u043e\u0446\u0435\u043d\u043a\u0443 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 9,3, \u043e\u0434\u043d\u0430\u043a\u043e NIST \u0440\u0430\u0441\u0441\u0447\u0438\u0442\u0430\u043b\u00a09,8.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e CVE-2023-36553 - \u044d\u0442\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u043d\u0430\u044f \u043e\u0442 \u0434\u0440\u0443\u0433\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b CVE-2023-34992, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043e\u0447\u0438\u0441\u0442\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u043e\u043a\u0442\u044f\u0431\u0440\u044f.\n\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u0441\u043f\u0435\u0446\u0441\u0438\u043c\u0432\u043e\u043b\u0430\u043c\u0438 \u0438\u043b\u0438 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u0430\u043c\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0435\u0442 \u0437\u0430\u043f\u0440\u043e\u0441\u044b API \u0438 \u043f\u0435\u0440\u0435\u0434\u0430\u0435\u0442 \u0438\u0445 \u041e\u0421 \u043a\u0430\u043a \u043a\u043e\u043c\u0430\u043d\u0434\u0443 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043e\u043f\u0430\u0441\u043d\u044b\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0434\u0430\u043d\u043d\u044b\u043c.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u044b\u043f\u0443\u0441\u043a\u0438 FortiSIEM \u0441 4.7 \u043f\u043e 5.4.\n\nFortinet \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e 6.4.3, 6.5.2, 6.6.4, 6.7.6, 7.0.1 \u0438\u043b\u0438 7.1.0 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439.\n\n\u0412\u0435\u0434\u044c \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0440\u0435\u0448\u0435\u043d\u0438\u044f Fortinet \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043d\u0430 \u043e\u0431\u044a\u0435\u043a\u0442\u0430\u0445 \u0432 \u0437\u0434\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u0438, \u0444\u0438\u043d\u0441\u0435\u043a\u0442\u043e\u0440\u0435, \u0442\u043e\u0440\u0433\u043e\u0432\u043b\u0435, \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043a\u043e\u043c\u043c\u0435\u0440\u0446\u0438\u0438, \u0433\u043e\u0441\u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f\u0445, \u043d\u0435\u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0435 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b \u0447\u0430\u0441\u0442\u043e \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u043c \u0410\u0420\u0422-\u0430\u0442\u0430\u043a, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0442\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u0447\u0442\u043e \u043d\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0435 \u0443\u0436\u0435 \u043d\u0435\u043e\u0434\u043d\u043e\u043a\u0440\u0430\u0442\u043d\u043e \u0432\u0441\u0442\u0440\u0435\u0447\u0430\u043b\u043e\u0441\u044c.", "creation_timestamp": "2023-11-17T09:49:29.000000Z"}, {"uuid": "698922b4-defe-442e-80c5-a51747bbeafb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36554", "type": "seen", "source": "https://t.me/ctinow/205816", "content": "https://ift.tt/MJIrzlo\nCVE-2023-36554", "creation_timestamp": "2024-03-12T16:32:01.000000Z"}, {"uuid": "eeb2ff1f-c7eb-43b8-bc1f-9e6260e90829", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36554", "type": "seen", "source": "https://t.me/ctinow/205800", "content": "https://ift.tt/MJIrzlo\nCVE-2023-36554", "creation_timestamp": "2024-03-12T16:26:33.000000Z"}, {"uuid": "42848084-ca0f-4513-bdb5-69a82a4c4626", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36551", "type": "seen", "source": "https://t.me/cibsecurity/70375", "content": "\u203c CVE-2023-36551 \u203c\n\nA exposure of sensitive information to an unauthorized actor in Fortinet FortiSIEM version 6.7.0 through 6.7.5 allows attacker to information disclosure via a crafted http request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-13T16:23:41.000000Z"}]}