CVE-2023-34984

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Sep 13, 2023

Updated: Nov 7, 2023

CWE ID 693

Summary

CVE-2023-34984 is a vulnerability affecting Fortinet FortiWeb versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.0 through 6.4.3, and 6.3.6 through 6.3.23. This issue involves a protection mechanism failure that enables attackers to execute unauthorized code or commands by utilizing specially crafted HTTP requests. Successful exploitation could result in significant security risks, emphasizing the importance of updating affected systems as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

FortiWeb
Fortinet FortiMail

Affected Vendors

Fortinet

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rzlEoH
https://www.cve.org/CVERecord?id=CVE-2023-34984
https://nvd.nist.gov/vuln/detail/CVE-2023-34984

Back to Vulnerability Database