CVE-2023-26207

CVE Database · CVE-2023-26207

CVE-2023-26207

· LOWModified

CVSS v3.1

3.3

EPSS

0.50%

Published

Jun 13, 2023

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.2.0 through 7.2.4 and FortiProxy 7.0.0 through 7.0.10. 7.2.0 through 7.2.1 allows an attacker to read certain passwords in plain text.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Weaknesses (CWE)

CWE-532CWE-532

Affected Products (4)

fortinet · fortiproxyvulnerable

fortinet · fortiosvulnerable

References (2)

https://fortiguard.com/psirt/FG-IR-22-455

Vendor Advisory

https://fortiguard.com/psirt/FG-IR-22-455

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs