CVE-2023-40718

High

A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP…

fortinet·CWE-436·Published 2023-10-10

CVSS

7.5

EPSS

0.00

KEV

Exploits

cve.orgen

143 chars

A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets.

NVDen

143 chars

A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets.

Un conflicto de interpretación en las versiones 7.321, 7.166 y 6.158 de Fortinet IPS Engine permite a un atacante evadir las funciones de IPS a través de paquetes TCP manipulados.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
3.1	Primary	cve.org	6.7	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:F/RL:O/RC:R
3.1	Primary	cve.org	6.7	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:F/RL:O/RC:R
3.1	Secondary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N