CVE-2023-46715

An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send (but not receive) packets spoofing the IP of another user via crafted network packets.

CVSS v3 5.0 MEDIUM

5.0^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.1 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://fortiguard.com/psirt/FG-IR-23-407	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*

History

31 Jan 2025, 17:20

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad de error de validación de origen [CWE-346] en Fortinet FortiOS IPSec VPN versión 7.4.0 a 7.4.1 y versión 7.2.6 y anteriores permite que un usuario de IPSec VPN autenticado con dirección IP dinámica envíe (pero no reciba) paquetes que falsifican la IP de otro usuario a través de paquetes de red manipulados.
References	~~() https://fortiguard.com/psirt/FG-IR-23-407 -~~	() https://fortiguard.com/psirt/FG-IR-23-407 - Vendor Advisory
First Time		Fortinet Fortinet fortios
CPE		cpe:2.3:o:fortinet:fortios::::::::

14 Jan 2025, 14:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-14 14:15

Updated : 2025-01-31 17:20

NVD link : CVE-2023-46715

Mitre link : CVE-2023-46715

CVE.ORG link : CVE-2023-46715

JSON object : View

Products Affected

fortinet

fortios

CWE

CWE-346

Origin Validation Error

{"id": "CVE-2023-46715", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@fortinet.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.0, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.1}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2025-01-14T14:15:27.387", "references": [{"url": "https://fortiguard.com/psirt/FG-IR-23-407", "tags": ["Vendor Advisory"], "source": "psirt@fortinet.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@fortinet.com", "description": [{"lang": "en", "value": "CWE-346"}]}], "descriptions": [{"lang": "en", "value": "An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send (but not receive) packets spoofing the IP of another user via crafted network packets."}, {"lang": "es", "value": "Una vulnerabilidad de error de validaci\u00f3n de origen [CWE-346] en Fortinet FortiOS IPSec VPN versi\u00f3n 7.4.0 a 7.4.1 y versi\u00f3n 7.2.6 y anteriores permite que un usuario de IPSec VPN autenticado con direcci\u00f3n IP din\u00e1mica env\u00ede (pero no reciba) paquetes que falsifican la IP de otro usuario a trav\u00e9s de paquetes de red manipulados."}], "lastModified": "2025-01-31T17:20:44.087", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D551134C-9EFE-42A3-8DE1-AB84D115D748", "versionEndExcluding": "7.4.2", "versionStartIncluding": "6.2.0"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@fortinet.com"}