CVE-2023-41679

CRITICAL Year: 2023
CVSS v3 Score
9.6
Critical
Weakness Type
CWE-284
View all →

Vulnerability Description

An improper access control vulnerability [CWE-284] in FortiManager management interface 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions may allow a remote and authenticated attacker with at least "device management" permission on his profile and belonging to a specific ADOM to add and delete CLI script on other ADOMs

Related Vulnerabilities

CVE-2016-5556

CRITICAL
CVSS:9.6(Critical)

Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D.

CWE-2842016

CVE-2016-5568

CRITICAL
CVSS:9.6(Critical)

Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.

CWE-2842016

CVE-2016-5580

CRITICAL
CVSS:9.6(Critical)

Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.7 and 5.2 allows remote authenticated users to affect confidentiality and availability via vectors through W...

CWE-2842016

CVE-2016-5582

CRITICAL
CVSS:9.6(Critical)

Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspo...

CWE-2842016

CVE-2022-26346

CRITICAL
CVSS:9.6(Critical)

A denial of service vulnerability exists in the ucloud_del_node functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to denial of service. An attacker ...

CWE-2842022

CVE-2022-27178

CRITICAL
CVSS:9.6(Critical)

A denial of service vulnerability exists in the confctl_set_wan_cfg functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to denial of service. An attac...

CWE-2842022