How severe is CVE-2023-22641?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.4 out of 10.

What type of vulnerability is CVE-2023-22641?

This is classified as CWE-601, which is a common weakness in software security.

CVE-2023-22641 - MEDIUM Severity | CVSS 5.4

Vulnerability Description

A url redirection to untrusted site ('open redirect') in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.9, FortiOS versions 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0 through 7.0.8, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specially crafted requests.

Related Vulnerabilities

CVE-2016-0228

MEDIUM

CVSS:5.4(Medium)

IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts. An attacker could exploit this vulnerability to redi...

CWE-6012016

CVE-2016-0329

MEDIUM

CVSS:5.4(Medium)

Open redirect vulnerability in IBM Emptoris Sourcing 10.0.0.x before 10.0.0.1_iFix3, 10.0.1.x before 10.0.1.3_iFix3, 10.0.2.x before 10.0.2.8_iFix1, 10.0.4.0 before 10.0.4.0_iFix8, and 10.1.0.0 before...

CWE-6012016

CVE-2016-4604

MEDIUM

CVSS:5.4(Medium)

Safari in Apple iOS before 9.3.3 allows remote attackers to spoof the displayed URL via an HTTP response specifying redirection to an invalid TCP port number.

CWE-6012016

CVE-2016-8949

MEDIUM

CVSS:5.4(Medium)

IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-craft...

CWE-6012016

CVE-2016-8953

MEDIUM

CVSS:5.4(Medium)

IBM Emptoris Sourcing 9.5.x through 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a rem...

CWE-6012016

CVE-2017-1159

MEDIUM

CVSS:5.4(Medium)

IBM Business Process Manager 8.0 and 8.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remot...

CWE-6012017