{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T23:43:18.421","vulnerabilities":[{"cve":{"id":"CVE-2023-34991","sourceIdentifier":"psirt@fortinet.com","published":"2023-11-14T18:15:30.443","lastModified":"2024-11-21T08:07:47.280","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 and 8.4.0 through 8.4.2 and 8.3.0 through 8.3.2 and 8.2.2 allows attacker to execute unauthorized code or commands via a crafted http request."},{"lang":"es","value":"Una neutralización inadecuada de elementos especiales utilizados en un comando sql (\"inyección sql\") en Fortinet FortiWLM versión 8.6.0 a 8.6.5 y 8.5.0 a 8.5.4 y 8.4.0 a 8.4.2 y 8.3.0 a 8.3 .2 y 8.2.2 permiten a un atacante ejecutar código o comandos no autorizados a través de una solicitud http manipuladas."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwlm:*:*:*:*:*:*:*:*","versionStartIncluding":"8.5.0","versionEndIncluding":"8.5.4","matchCriteriaId":"929F1380-4410-466D-9203-62414DC7A39E"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwlm:*:*:*:*:*:*:*:*","versionStartIncluding":"8.6.0","versionEndIncluding":"8.6.5","matchCriteriaId":"BCEDF5B8-C922-48DD-926D-788A53ACD684"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwlm:8.2.2:*:*:*:*:*:*:*","matchCriteriaId":"A2DBECF3-69BD-4622-B0B3-1F0552CBB3E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwlm:8.3.0:*:*:*:*:*:*:*","matchCriteriaId":"1A60E7E2-8A10-4C69-A86C-2D680C5E056A"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwlm:8.3.1:*:*:*:*:*:*:*","matchCriteriaId":"F831179F-EC2D-4B8A-B433-CA395C1FEDA2"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwlm:8.3.2:*:*:*:*:*:*:*","matchCriteriaId":"F036687E-4682-4773-9A28-33B9DB40C976"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwlm:8.4.0:*:*:*:*:*:*:*","matchCriteriaId":"22C854E0-5DD1-4EB6-8F84-243067C27AE8"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwlm:8.4.1:*:*:*:*:*:*:*","matchCriteriaId":"60787CAF-DF95-4691-A3C5-4A1A517DD146"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwlm:8.4.2:*:*:*:*:*:*:*","matchCriteriaId":"F9771B20-5C37-41ED-9DD9-19DCE1FD0F6B"}]}]}],"references":[{"url":"https://fortiguard.com/psirt/FG-IR-23-142","source":"psirt@fortinet.com","tags":["Vendor Advisory"]},{"url":"https://fortiguard.com/psirt/FG-IR-23-142","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}