{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-44252","assignerOrgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","state":"PUBLISHED","assignerShortName":"fortinet","dateReserved":"2023-09-27T12:26:48.750Z","datePublished":"2023-12-13T08:52:59.178Z","dateUpdated":"2024-08-02T19:59:52.074Z"},"containers":{"cna":{"affected":[{"vendor":"Fortinet","product":"FortiWAN","defaultStatus":"unaffected","versions":[{"versionType":"semver","version":"5.2.0","lessThanOrEqual":"5.2.1","status":"affected"},{"versionType":"semver","version":"5.1.1","lessThanOrEqual":"5.1.2","status":"affected"}]}],"descriptions":[{"lang":"en","value":"** UNSUPPORTED WHEN ASSIGNED **An improper authentication vulnerability [CWE-287] in Fortinet FortiWAN version 5.2.0 through 5.2.1 and version 5.1.1 through 5.1.2 may allow an authenticated attacker to escalate his privileges via HTTP or HTTPs requests with crafted JWT token values."}],"providerMetadata":{"orgId":"6abe59d8-c742-4dff-8ce8-9b0ca1073da8","shortName":"fortinet","dateUpdated":"2023-12-13T08:52:59.178Z"},"problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-287","description":"Improper access control","type":"CWE"}]}],"metrics":[{"format":"CVSS","cvssV3_1":{"version":"3.1","attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":8.6,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C"}}],"solutions":[{"lang":"en","value":"This product is end of life and no longer supported. Please consider replacing with an equivalent FortiGate appliance as approriate.\n"}],"references":[{"name":"https://fortiguard.com/psirt/FG-IR-23-061","url":"https://fortiguard.com/psirt/FG-IR-23-061"}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T19:59:52.074Z"},"title":"CVE Program Container","references":[{"name":"https://fortiguard.com/psirt/FG-IR-23-061","url":"https://fortiguard.com/psirt/FG-IR-23-061","tags":["x_transferred"]}]}]}}