vulnerability
Fortinet FortiOS: Unspecified Security Vulnerability (CVE-2023-37935)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:S/C:C/I:N/A:N) | Oct 10, 2023 | Oct 16, 2023 | Aug 11, 2025 |
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:C/I:N/A:N)
Published
Oct 10, 2023
Added
Oct 16, 2023
Modified
Aug 11, 2025
Description
A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 - 7.0.12, 7.2.0 - 7.2.5 and 7.4.0 allows an attacker to view plaintext passwords of remote services such as RDP or VNC, if the attacker is able to read the GET requests to those services.
Solution
fortios-upgrade-latest
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.