HIGH 7.5
CVE-2023-42783
A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 and 8.4.2 through 8.4.0 and 8.3.2 through 8.3.0 and 8.2.2 allows attacker to read arbitrary files via crafted http requests.
CVSS v3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.7%
percentile 71.3%
Affected tracked apps
Vulnerable CPE configurations
| Vendor | Product | Platform | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| fortinet | fortiwlm | iOS | ≥8.5.0 ≤8.5.4 | cpe:2.3:a:fortinet:fortiwlm:*:*:*:*:*:*:*:* |
| fortinet | fortiwlm | iOS | ≥8.6.0 ≤8.6.6 | cpe:2.3:a:fortinet:fortiwlm:*:*:*:*:*:*:*:* |
| fortinet | fortiwlm | iOS | — | cpe:2.3:a:fortinet:fortiwlm:8.2.2:*:*:*:*:*:*:* |
| fortinet | fortiwlm | iOS | — | cpe:2.3:a:fortinet:fortiwlm:8.3.0:*:*:*:*:*:*:* |
| fortinet | fortiwlm | iOS | — | cpe:2.3:a:fortinet:fortiwlm:8.3.1:*:*:*:*:*:*:* |
| fortinet | fortiwlm | iOS | — | cpe:2.3:a:fortinet:fortiwlm:8.3.2:*:*:*:*:*:*:* |
| fortinet | fortiwlm | iOS | — | cpe:2.3:a:fortinet:fortiwlm:8.4.0:*:*:*:*:*:*:* |
| fortinet | fortiwlm | iOS | — | cpe:2.3:a:fortinet:fortiwlm:8.4.1:*:*:*:*:*:*:* |
| fortinet | fortiwlm | iOS | — | cpe:2.3:a:fortinet:fortiwlm:8.4.2:*:*:*:*:*:*:* |