CVE-2013-4604
Description
Fortinet FortiOS before 5.0.3 on FortiGate devices does not properly restrict Guest capabilities, which allows remote authenticated users to read, modify, or delete the records of arbitrary users by leveraging the Guest role.
Risk Information
Base Score
8.1
MODERATE
Vector
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
0.391
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2013-4604 are affected in fortios 5.0.2 | NCM |
| CVE-2013-4604 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234