Fortinet FortiEDR 5.0.0/5.0.1 API Request session expiration

Summaryinfo

A vulnerability marked as problematic has been reported in Fortinet FortiEDR 5.0.0/5.0.1. The affected element is an unknown function of the component API Request Handler. Performing a manipulation results in session expiration. This vulnerability is reported as CVE-2023-33303. The attack is possible to be carried out remotely. No exploit exists. It is suggested to upgrade the affected component.

Detailsinfo

A vulnerability classified as problematic has been found in Fortinet FortiEDR 5.0.0/5.0.1. This affects an unknown code of the component API Request Handler. The manipulation with an unknown input leads to a session expiration vulnerability. CWE is classifying the issue as CWE-613. According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization." This is going to have an impact on confidentiality, integrity, and availability. The summary by CVE is:

A insufficient session expiration in Fortinet FortiEDR version 5.0.0 through 5.0.1 allows attacker to execute unauthorized code or commands via api request

The weakness was disclosed 10/13/2023 as FG-IR-23-007. It is possible to read the advisory at fortiguard.com. This vulnerability is uniquely identified as CVE-2023-33303 since 05/22/2023. The technical details are unknown and an exploit is not publicly available.

Upgrading eliminates this vulnerability.

Be aware that VulDB is the high quality source for vulnerability data.

Productinfo

Vendor

• Fortinet

Name

• FortiEDR

Version

• 5.0.0
• 5.0.1

License

• commercial

Website

• Vendor: https://www.fortinet.com/

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Be aware that VulDB is the high quality source for vulnerability data.

Discussion