CVE-2023-48785 - Vulnerability Details - OpenCVE

An improper certificate validation vulnerability [CWE-295] in FortiNAC-F version 7.2.4 and below may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the HTTPS communication channel between the FortiOS device, an inventory, and FortiNAC-F.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Fortinet	Fortinac-f

Configuration 1 [-]

cpe:2.3:a:fortinet:fortinac-f:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://fortiguard.com/psirt/FG-IR-23-288

History

Fri, 25 Jul 2025 15:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:fortinet:fortinac-f::::::::

Mon, 14 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00043}`	epss `{'score': 0.00059}`

Fri, 14 Mar 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 14 Mar 2025 16:00:00 +0000

Type	Values Removed	Values Added
Description		An improper certificate validation vulnerability [CWE-295] in FortiNAC-F version 7.2.4 and below may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the HTTPS communication channel between the FortiOS device, an inventory, and FortiNAC-F.
Weaknesses		CWE-295
References		https://fortiguard.com/psirt/FG-IR-23-288
Metrics		cvssV3_1 `{'score': 4.4, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:X/RC:X'}`

MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2025-03-14T15:46:57.799Z

Updated: 2025-03-14T17:17:09.570Z

Reserved: 2023-11-19T19:58:38.554Z

Link: CVE-2023-48785

Vulnrichment

Updated: 2025-03-14T17:15:18.058Z

NVD

Status : Analyzed

Published: 2025-03-14T16:15:27.733

Modified: 2025-07-25T15:08:45.760

Link: CVE-2023-48785

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-48785", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2023-11-19T19:58:38.554Z", "datePublished": "2025-03-14T15:46:57.799Z", "dateUpdated": "2025-03-14T17:17:09.570Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiNAC-F", "cpes": [], "defaultStatus": "unaffected", "versions": [{"versionType": "semver", "version": "7.2.0", "lessThanOrEqual": "7.2.4", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "An improper certificate validation vulnerability [CWE-295] in FortiNAC-F version 7.2.4 and below may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the HTTPS communication channel between the FortiOS device, an inventory, and FortiNAC-F."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2025-03-14T15:46:57.799Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-295", "description": "Information disclosure", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:X/RC:X"}}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiNAC-F version 7.4.0 or above \nPlease upgrade to FortiNAC-F version 7.2.5 or above"}], "references": [{"name": "https://fortiguard.com/psirt/FG-IR-23-288", "url": "https://fortiguard.com/psirt/FG-IR-23-288"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-14T17:13:32.966472Z", "id": "CVE-2023-48785", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-14T17:17:09.570Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-48785", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-14T17:13:32.966472Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-14T17:15:18.058Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:X/RC:X", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"cpes": [], "vendor": "Fortinet", "product": "FortiNAC-F", "versions": [{"status": "affected", "version": "7.2.0", "versionType": "semver", "lessThanOrEqual": "7.2.4"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiNAC-F version 7.4.0 or above \nPlease upgrade to FortiNAC-F version 7.2.5 or above"}], "references": [{"url": "https://fortiguard.com/psirt/FG-IR-23-288", "name": "https://fortiguard.com/psirt/FG-IR-23-288"}], "descriptions": [{"lang": "en", "value": "An improper certificate validation vulnerability [CWE-295] in FortiNAC-F version 7.2.4 and below may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the HTTPS communication channel between the FortiOS device, an inventory, and FortiNAC-F."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-295", "description": "Information disclosure"}]}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2025-03-14T15:46:57.799Z"}}}, "cveMetadata": {"cveId": "CVE-2023-48785", "state": "PUBLISHED", "dateUpdated": "2025-03-14T17:17:09.570Z", "dateReserved": "2023-11-19T19:58:38.554Z", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "datePublished": "2025-03-14T15:46:57.799Z", "assignerShortName": "fortinet"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortinac-f:*:*:*:*:*:*:*:*", "matchCriteriaId": "10E94405-A4E7-4380-97A3-12FB8F997887", "versionEndExcluding": "7.2.5", "versionStartIncluding": "7.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An improper certificate validation vulnerability [CWE-295] in FortiNAC-F version 7.2.4 and below may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the HTTPS communication channel between the FortiOS device, an inventory, and FortiNAC-F."}, {"lang": "es", "value": "Una vulnerabilidad de validaci\u00f3n de certificado incorrecta [CWE-295] en FortiNAC-F versi\u00f3n 7.2.4 y anteriores puede permitir que un atacante remoto y no autenticado realice un ataque Man-in-the-Middle en el canal de comunicaci\u00f3n HTTPS entre el dispositivo FortiOS, un inventario y FortiNAC-F."}], "id": "CVE-2023-48785", "lastModified": "2025-07-25T15:08:45.760", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 2.5, "source": "psirt@fortinet.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-03-14T16:15:27.733", "references": [{"source": "psirt@fortinet.com", "tags": ["Vendor Advisory"], "url": "https://fortiguard.com/psirt/FG-IR-23-288"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-295"}], "source": "psirt@fortinet.com", "type": "Primary"}]}