Elevated Action Exploitation in Fortinet FortiOS and FortiProxy HA Clusters

Elevated Action Exploitation in Fortinet FortiOS and FortiProxy HA Clusters

CVE-2023-44250 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests.

Learn more about our Cis Benchmark Audit For Apple Ios.