nvd-json-data-feeds/CVE-2023/CVE-2023-501xx/CVE-2023-50180.json

{
  "id": "CVE-2023-50180",
  "sourceIdentifier": "psirt@fortinet.com",
  "published": "2024-05-14T17:15:27.317",
  "lastModified": "2024-05-23T15:55:49.800",
  "vulnStatus": "Analyzed",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiADC version 7.4.1 and below, version 7.2.3 and below, version 7.1.4 and below, version 7.0.5 and below, version 6.2.6 and below may allow a read-only admin to view data pertaining to other admins."
    },
    {
      "lang": "es",
      "value": "Una exposici\u00f3n de informaci\u00f3n confidencial del sistema a una vulnerabilidad de esfera de control no autorizada [CWE-497] en FortiADC versi\u00f3n 7.4.1 e inferior, versi\u00f3n 7.2.3 e inferior, versi\u00f3n 7.1.4 e inferior, versi\u00f3n 7.0.5 e inferior, versi\u00f3n 6.2. 6 y siguientes pueden permitir que un administrador de solo lectura vea datos pertenecientes a otros administradores."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6
      },
      {
        "source": "psirt@fortinet.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6
      }
    ]
  },
  "weaknesses": [
    {
      "source": "psirt@fortinet.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-497"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "6.2.6",
              "matchCriteriaId": "971BE53E-8213-4B4E-B76F-4B446772EC4A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "7.0.0",
              "versionEndIncluding": "7.0.5",
              "matchCriteriaId": "302D8FF0-69B6-451A-9B5B-E28B2FAA30D8"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "7.1.0",
              "versionEndIncluding": "7.1.4",
              "matchCriteriaId": "C3CACC8D-C349-4BA9-9900-02A7CEA61FF3"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "7.2.0",
              "versionEndIncluding": "7.2.3",
              "matchCriteriaId": "03EA09FD-30DE-4106-96D8-78949E335634"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:fortinet:fortiadc:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C624CB5-F745-4781-839A-B397EC97590B"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:fortinet:fortiadc:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6FB3F3-79CB-4C0B-99D9-078CEFCF7E6E"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://fortiguard.com/psirt/FG-IR-23-433",
      "source": "psirt@fortinet.com",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}