Security Vulnerabilities - CVEs Published In November 2023
An improper access control vulnerability [CWE-284] in FortiEDRCollectorWindows version 5.2.0.4549 and below, 5.0.3.1007 and below, and 4.0 (all versions) may allow a local attacker to prevent the collector service from starting at the next system reboot by tampering with some registry keys of the service.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-11-14
An untrusted search path vulnerability in Fortinet FortiClientWindows 7.0.9 allows an attacker to perform a DLL hijack attack via a malicious OpenSSL engine library in the search path.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-14
A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.4.2 through 8.4.0, 8.3.2 through 8.3.0, and 8.2.2 allows an attacker to read arbitrary files via crafted HTTP requests.
CVSS Score
7.5
EPSS Score
0.009
Published
2023-11-14
An exposure of sensitive information to an unauthorized actor [CWE-200] in FortiSIEM version 7.0.0 and before 6.7.5 may allow an attacker with access to Windows agent logs to obtain the Windows agent password by searching through the logs.
CVSS Score
4.3
EPSS Score
0.003
Published
2023-11-14
Microsoft Host Integration Server 2020 Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.003
Published
2023-11-14
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVSS Score
6.1
EPSS Score
0.008
Published
2023-11-14
Windows Installer Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.002
Published
2023-11-14
Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-14
An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to see and modify the title of address book folders of other users via crafted HTTP or HTTPS requests.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-11-14
A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1 all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5, FortiOS version 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiOS 6.2 all versions, and FortiOS 6.0 all versions allows an attacker to cause a denial of service via specifically crafted HTTP requests.
CVSS Score
6.5
EPSS Score
0.005
Published
2023-11-14

