First published: Tue Nov 14 2023
An improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in Fortinet FortiSIEM versions 5.4.0, 5.3.0 through 5.3.3, 5.2.5 through 5.2.8, 5.2.1 through 5.2.2, 5.1.0 through 5.1.3, 5.0.0 through 5.0.1, 4.10.0, 4.9.0 and 4.7.2 allows an attacker to execute unauthorized code or commands via crafted API requests.
CVE-2023-36553 is a vulnerability that allows an attacker to execute arbitrary commands on Fortinet FortiSIEM versions 4.7.2 through 5.4.0.
CVE-2023-36553 has a severity rating of 9.3, which is considered critical.
Fortinet FortiSIEM versions 4.7.2 through 5.4.0 are affected by CVE-2023-36553.
Yes, Fortinet has released patches to fix CVE-2023-36553. Please refer to their official website for more details.
You can find more information about CVE-2023-36553 on Fortinet's official website.