{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-03T13:36:26.131","vulnerabilities":[{"cve":{"id":"CVE-2024-23665","sourceIdentifier":"psirt@fortinet.com","published":"2024-06-03T10:15:12.870","lastModified":"2024-12-17T16:43:37.527","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple improper authorization vulnerabilities [CWE-285] in FortiWeb version 7.4.2 and below, version 7.2.7 and below, version 7.0.10 and below, version 6.4.3 and below, version 6.3.23 and below may allow an authenticated attacker to perform unauthorized ADOM operations via crafted requests."},{"lang":"es","value":"Múltiples vulnerabilidades de autorización inadecuada [CWE-285] en FortiWeb versión 7.4.2 y anteriores, versión 7.2.7 y siguientes, versión 7.0.10 y siguientes, versión 6.4.3 y siguientes, versión 6.3.23 y siguientes pueden permitir un atacante autenticado para realizar operaciones ADOM no autorizadas a través de solicitudes manipuladas."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*","versionStartIncluding":"6.3.0","versionEndIncluding":"6.3.23","matchCriteriaId":"29BAA789-62A7-4040-B6F7-8E70FFBA0399"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndIncluding":"6.4.3","matchCriteriaId":"AF5ED7B3-39F3-49FD-82D9-72CAB2D68636"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndIncluding":"7.0.10","matchCriteriaId":"744A540A-BC0F-4F64-8F26-F309D895359B"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.2.8","matchCriteriaId":"AA10A5FC-77B4-4FEE-AB50-EF76450268A1"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndExcluding":"7.4.3","matchCriteriaId":"B35B6E72-8578-4C35-80CF-66D0B74DAFC4"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-23-474","source":"psirt@fortinet.com","tags":["Vendor Advisory"]},{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-23-474","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}