{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T20:33:44.781","vulnerabilities":[{"cve":{"id":"CVE-2023-46715","sourceIdentifier":"psirt@fortinet.com","published":"2025-01-14T14:15:27.387","lastModified":"2025-01-31T17:20:44.087","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An origin validation error [CWE-346] vulnerability in Fortinet FortiOS  IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send (but not receive) packets spoofing the IP of another user via crafted network packets."},{"lang":"es","value":"Una vulnerabilidad de error de validación de origen [CWE-346] en Fortinet FortiOS IPSec VPN versión 7.4.0 a 7.4.1 y versión 7.2.6 y anteriores permite que un usuario de IPSec VPN autenticado con dirección IP dinámica envíe (pero no reciba) paquetes que falsifican la IP de otro usuario a través de paquetes de red manipulados."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-346"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.0","versionEndExcluding":"7.4.2","matchCriteriaId":"D551134C-9EFE-42A3-8DE1-AB84D115D748"}]}]}],"references":[{"url":"https://fortiguard.com/psirt/FG-IR-23-407","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}}]}