CVE-2023-34991

Summary

CVE-2023-34991 is a vulnerability affecting various versions of Fortinet FortiWLM, including 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.4.0 through 8.4.2, 8.3.0 through 8.3.2, and 8.2.2. This issue involves an SQL injection flaw, where a maliciously crafted HTTP request can trick the system into executing unauthorized code or commands by improperly neutralizing special elements used in an SQL command. An attacker can potentially exploit this vulnerability to gain unauthorized access or cause other malicious actions. Fortinet urges affected users to apply the available patches as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.