CVE-2023-50180
MEDIUM
FortiADC <= 7.4.1, <= 7.2.3, <= 7.1.4, <= 7.0.5, < 6.2.6 - Exposure of Sensitive System Information
Title source: llm
Description
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiADC version 7.4.1 and below, version 7.2.3 and below, version 7.1.4 and below, version 7.0.5 and below, version 6.2.6 and below may allow a read-only admin to view data pertaining to other admins.
References (1)
Core References
Vendor Advisory
https://fortiguard.com/psirt/FG-IR-23-433
Scores
CVSS v3
5.5
EPSS
0.0026
EPSS Percentile
16.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-497
Status
published
Products (3)
fortinet/fortiadc
7.4.0
fortinet/fortiadc
7.4.1
fortinet/fortiadc
< 6.2.6
Published
May 14, 2024
Tracked Since
Feb 18, 2026