PT-2024-1746 · Fortinet · FortiClientEMS

Published: 2024-02-08 · Updated: 2024-02-20 · CVE-2023-45581

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Fortinet FortiClientEMS versions 7.2.0 through 7.2.2; Fortinet FortiClientEMS versions before 7.0.10

Description: The issue is an improper privilege management flaw. A Site administrator who holds Super Admin privileges can perform global administrative operations that affect other sites by sending specially crafted HTTP or HTTPS requests to the management interface.

Recommendations: For both affected ranges (Fortinet FortiClientEMS versions 7.2.0 through 7.2.2, and versions before 7.0.10), consider restricting access to the administrative interface until a patch is available. As a temporary workaround, consider removing the Super Admin privileges from Site administrators until a patch is available, and restrict access to the vulnerable HTTP or HTTPS endpoints to minimize the risk of exploitation.

Fix

Weakness Enumeration

Improper Privilege Management

Related Identifiers

BDU:2024-01457
CVE-2023-45581

Affected Products

FortiClientEMS