A vulnerability has been identified in Fortinet FortiSwitchManager versions 7.2.0 through 7.2.2 and 7.0.0 through 7.0.1 that may allow a remote authenticated read-only user to modify interface settings via the API.
Understanding CVE-2023-36635
This CVE refers to an improper access control issue in Fortinet FortiSwitchManager that could be exploited by a remote attacker who already holds an authenticated account.
What is CVE-2023-36635?
The vulnerability in FortiSwitchManager versions 7.2.0 through 7.2.2 and 7.0.0 through 7.0.1 enables a remote authenticated read-only user to tamper with interface settings via the API.
The Impact of CVE-2023-36635
With a CVSS base score of 6.9, this medium-severity vulnerability carries a high availability impact and a low integrity impact, and requires only low privileges to exploit.
Technical Details of CVE-2023-36635
This section delves into the specifics of the vulnerability.
Vulnerability Description
An improper access control issue in FortiSwitchManager versions 7.2.0 through 7.2.2 and 7.0.0 through 7.0.1 allows remote authenticated read-only users to manipulate interface settings using the API.
Affected Systems and Versions
FortiSwitchManager versions 7.2.0 through 7.2.2 and 7.0.0 through 7.0.1 are impacted by this vulnerability.
Exploitation Mechanism
A remote user authenticated with only read-only privileges can modify interface settings through the API, a change that the read-only role should not permit.
Mitigation and Prevention
To safeguard systems from CVE-2023-36635, both immediate remediation and long-term security practices are needed.
Immediate Steps to Take
Upgrade to the following versions:
Long-Term Security Practices
Regularly update software and apply security patches to mitigate known vulnerabilities.
Patching and Updates
Stay informed about security releases and apply patches promptly to protect systems from potential threats.