cvelistv5 - cve-2023-47536

Source	URL	Tags
psirt@fortinet.com	https://fortiguard.com/psirt/FG-IR-23-432	Vendor Advisory

Vendor	Product
Fortinet	FortiOS
Fortinet	FortiProxy

gsd-2023-47536

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny geolocalisation policy via timing the bypass with a GeoIP database update.

Aliases

CVE-2023-47536

Aliases

CVE-2023-47536

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-47536",
    "id": "GSD-2023-47536"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-47536"
      ],
      "details": "An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny geolocalisation policy via timing the bypass with a GeoIP database update.",
      "id": "GSD-2023-47536",
      "modified": "2023-12-13T01:20:51.310441Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@fortinet.com",
        "ID": "CVE-2023-47536",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "FortiOS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "7.2.0"
                        },
                        {
                          "version_affected": "\u003c=",
                          "version_name": "7.0.0",
                          "version_value": "7.0.13"
                        },
                        {
                          "version_affected": "\u003c=",
                          "version_name": "6.4.0",
                          "version_value": "6.4.14"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "FortiProxy",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_name": "7.2.0",
                          "version_value": "7.2.3"
                        },
                        {
                          "version_affected": "\u003c=",
                          "version_name": "7.0.0",
                          "version_value": "7.0.9"
                        },
                        {
                          "version_affected": "\u003c=",
                          "version_name": "2.0.0",
                          "version_value": "2.0.12"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Fortinet"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny geolocalisation policy via timing the bypass with a GeoIP database update."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 2.8,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N/E:F/RL:O/RC:R",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-284",
                "lang": "eng",
                "value": "Improper access control"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://fortiguard.com/psirt/FG-IR-23-432",
            "refsource": "MISC",
            "url": "https://fortiguard.com/psirt/FG-IR-23-432"
          }
        ]
      },
      "solution": [
        {
          "lang": "en",
          "value": "Please upgrade to FortiOS version 7.4.0 or above \nPlease upgrade to FortiOS version 7.2.1 or above \nPlease upgrade to FortiProxy version 7.4.0 or above \nPlease upgrade to FortiProxy version 7.2.4 or above \nPlease upgrade to FortiProxy version 7.0.10 or above \nPlease upgrade to FortiProxy version 2.0.13 or above \n"
        }
      ]
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "7C1D5E6B-A23E-4A92-B53C-720AFEB1B951",
                    "versionEndIncluding": "2.0.12",
                    "versionStartIncluding": "2.0.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "DAC18F7E-5242-4F36-BB42-FEC33B3AC075",
                    "versionEndIncluding": "7.0.9",
                    "versionStartIncluding": "7.0.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "3A99FF48-370E-4D2A-B5CC-889EA21AB213",
                    "versionEndIncluding": "7.2.3",
                    "versionStartIncluding": "7.2.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "A2B52E22-C64D-4142-885E-6C44FA670574",
                    "versionEndIncluding": "6.4.14",
                    "versionStartIncluding": "6.4.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "DF27CA2F-3F4C-4CCB-B832-0E792673C429",
                    "versionEndIncluding": "7.0.13",
                    "versionStartIncluding": "7.0.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "B9B87A2A-4C83-448B-8009-AD20214D58CB",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny geolocalisation policy via timing the bypass with a GeoIP database update."
          },
          {
            "lang": "es",
            "value": "Una vulnerabilidad de control de acceso inadecuado [CWE-284] en FortiOS versi\u00f3n 7.2.0, versi\u00f3n 7.0.13 e inferior, versi\u00f3n 6.4.14 e inferior y FortiProxy versi\u00f3n 7.2.3 e inferior, versi\u00f3n 7.0.9 e inferior, versi\u00f3n 2.0.12 y a continuaci\u00f3n pueden permitir que un atacante remoto no autenticado evite la pol\u00edtica de geolocalizaci\u00f3n de denegaci\u00f3n del firewall sincronizando la omisi\u00f3n con una actualizaci\u00f3n de la base de datos GeoIP."
          }
        ],
        "id": "CVE-2023-47536",
        "lastModified": "2023-12-18T17:19:51.397",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 1.4,
              "source": "nvd@nist.gov",
              "type": "Primary"
            },
            {
              "cvssData": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.1,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 1.6,
              "impactScore": 1.4,
              "source": "psirt@fortinet.com",
              "type": "Secondary"
            }
          ]
        },
        "published": "2023-12-13T08:15:50.920",
        "references": [
          {
            "source": "psirt@fortinet.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://fortiguard.com/psirt/FG-IR-23-432"
          }
        ],
        "sourceIdentifier": "psirt@fortinet.com",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-284"
              }
            ],
            "source": "psirt@fortinet.com",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

ghsa-mr98-43v8-59c7

Vulnerability from github

Published

2023-12-13 09:30

Modified

2023-12-13 09:30

Severity

3.1 (Low) - CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

Details

An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny geolocalisation policy via timing the bypass with a GeoIP database update.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-47536"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-12-13T08:15:50Z",
    "severity": "LOW"
  },
  "details": "An improper access control vulnerability [CWE-284] in FortiOS version 7.2.0, version 7.0.13 and below, version 6.4.14 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below may allow a remote unauthenticated attacker to bypass the firewall deny geolocalisation policy via timing the bypass with a GeoIP database update.",
  "id": "GHSA-mr98-43v8-59c7",
  "modified": "2023-12-13T09:30:32Z",
  "published": "2023-12-13T09:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47536"
    },
    {
      "type": "WEB",
      "url": "https://fortiguard.com/psirt/FG-IR-23-432"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

wid-sec-w-2023-3120

Vulnerability from csaf_certbund

Published

2023-12-12 23:00

Modified

2023-12-12 23:00

Summary

Fortinet FortiOS und FortiProxy: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

FortiOS ist ein gehärtetes Betriebssystem für FortiGate Plattformen. FortiProxy ist eine Web-Proxy Lösung.

Angriff

Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Fortinet FortiOS und Fortinet FortiProxy ausnutzen, um beliebigen Programmcode auszuführen oder Sicherheitsmaßnahmen zu umgehen.

Betroffene Betriebssysteme

- Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "FortiOS ist ein geh\u00e4rtetes Betriebssystem f\u00fcr FortiGate Plattformen.\r\nFortiProxy ist eine Web-Proxy L\u00f6sung.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Fortinet FortiOS und Fortinet FortiProxy ausnutzen, um beliebigen Programmcode auszuf\u00fchren oder Sicherheitsma\u00dfnahmen zu umgehen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-3120 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3120.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-3120 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3120"
      },
      {
        "category": "external",
        "summary": "FortiGuard PSIRT Advisory FG-IR-23-138 vom 2023-12-12",
        "url": "https://www.fortiguard.com/psirt/FG-IR-23-138"
      },
      {
        "category": "external",
        "summary": "FortiGuard PSIRT Advisory FG-IR-23-432 vom 2023-12-12",
        "url": "https://www.fortiguard.com/psirt/FG-IR-23-432"
      }
    ],
    "source_lang": "en-US",
    "title": "Fortinet FortiOS und FortiProxy: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2023-12-12T23:00:00.000+00:00",
      "generator": {
        "date": "2024-02-15T17:53:57.046+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2023-3120",
      "initial_release_date": "2023-12-12T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-12-12T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Fortinet FortiOS \u003c 6.4.13",
                "product": {
                  "name": "Fortinet FortiOS \u003c 6.4.13",
                  "product_id": "1377650",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:fortinet:fortios:6.4.13"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Fortinet FortiOS \u003c 7.2.5",
                "product": {
                  "name": "Fortinet FortiOS \u003c 7.2.5",
                  "product_id": "1419484",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:fortinet:fortios:7.2.5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Fortinet FortiOS \u003c 7.0.12",
                "product": {
                  "name": "Fortinet FortiOS \u003c 7.0.12",
                  "product_id": "1435612",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:fortinet:fortios:7.0.12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Fortinet FortiOS \u003c 7.4.1",
                "product": {
                  "name": "Fortinet FortiOS \u003c 7.4.1",
                  "product_id": "T030437",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:fortinet:fortios:7.4.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Fortinet FortiOS \u003c 6.2.16",
                "product": {
                  "name": "Fortinet FortiOS \u003c 6.2.16",
                  "product_id": "T031620",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:fortinet:fortios:6.2.16"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FortiOS"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Fortinet FortiProxy \u003c 7.0.11",
                "product": {
                  "name": "Fortinet FortiProxy \u003c 7.0.11",
                  "product_id": "1475108",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:fortinet:fortiproxy:7.0.11"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Fortinet FortiProxy \u003c 7.2.5",
                "product": {
                  "name": "Fortinet FortiProxy \u003c 7.2.5",
                  "product_id": "1475109",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:fortinet:fortiproxy:7.2.5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Fortinet FortiProxy \u003c 2.0.13",
                "product": {
                  "name": "Fortinet FortiProxy \u003c 2.0.13",
                  "product_id": "T028043",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:fortinet:fortiproxy:2.0.13"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FortiProxy"
          }
        ],
        "category": "vendor",
        "name": "Fortinet"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-36639",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Fortinet FortiOS und Fortinet FortiProxy. Dabei handelt es sich um ein Format-String-Problem im HTTPSd-Daemon. Ein authentisierter Angreifer kann diese Schwachstelle ausnutzen, um \u00fcber speziell gestaltete API-Anfragen nicht autorisierten Code oder Befehle auszuf\u00fchren."
        }
      ],
      "release_date": "2023-12-12T23:00:00Z",
      "title": "CVE-2023-36639"
    },
    {
      "cve": "CVE-2023-47536",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Fortinet FortiOS und Fortinet FortiProxy. Diese besteht in der Zugriffskontrolle. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um die Firewall-Richtlinie zur Verweigerung der Geolokalisierung zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
        }
      ],
      "release_date": "2023-12-12T23:00:00Z",
      "title": "CVE-2023-47536"
    }
  ]
}

Action not permitted

cve-2023-47536

Vulnerability from cvelistv5

gsd-2023-47536

Vulnerability from gsd

ghsa-mr98-43v8-59c7

Vulnerability from github

wid-sec-w-2023-3120

Vulnerability from csaf_certbund

Tags