PT-2023-1863 · Fortinet · Fortisoar

Published 2023-03-07 · Updated 2023-03-14 · CVE-2023-25605

CVSS v3.1 7.5 High

Vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Fortinet FortiSOAR versions 7.3.0 through 7.3.1

Description

The issue is related to improper access control in the administrative interface, allowing an attacker to perform unauthorized actions via crafted HTTP requests. This can enable a remote attacker to gain unauthorized access to protected information.

Recommendations

For Fortinet FortiSOAR versions 7.3.0 through 7.3.1, consider restricting access to the administrative interface until a patch is available. As a temporary workaround, limit the ability to send crafted HTTP requests to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Improper Access Control

Related Identifiers

BDU:2023-01462
CVE-2023-25605

Affected Products

Fortisoar