CVE-2023-33302
CVE-2023-33302
Título es
CVE-2023-33302
Lun, 31/03/2025 – 15:15
Tipo
CWE-120
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2023-33302
Descripción en
A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiMail webmail and administrative interface version 6.4.0 through 6.4.4 and before 6.2.6 and FortiNDR administrative interface version 7.2.0 and before 7.1.0 allows an authenticated attacker with regular webmail access to trigger a buffer overflow and to possibly execute unauthorized code or commands via specifically crafted HTTP requests.
31/03/2025
31/03/2025
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Gravedad 3.1 (CVSS 3.1 Base Score)
4.70
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM
Enviar en el boletín
Off
