Platform
fortinet
Component
fortinet-fortisandbox
Fixed in
4.4.3
4.2.9
4.0.7
3.2.5
3.1.6
CVE-2023-45587 describes a cross-site scripting (XSS) vulnerability present in Fortinet FortiSandbox. This flaw allows an attacker to inject malicious scripts into web pages, potentially leading to unauthorized code execution. The vulnerability impacts versions 3.1.0 through 4.4.2 of FortiSandbox, and a patch is available from Fortinet.
Successful exploitation of CVE-2023-45587 allows an attacker to execute arbitrary JavaScript code within the context of a user's browser session on the FortiSandbox web interface. This could lead to session hijacking, credential theft, or defacement of the web interface. An attacker could potentially gain access to sensitive data processed by FortiSandbox, or use the vulnerability as a stepping stone to compromise other systems within the network if the FortiSandbox is configured with overly permissive access controls. The impact is amplified if the FortiSandbox is used to analyze critical network traffic, as an attacker could potentially manipulate the analysis process.
CVE-2023-45587 was publicly disclosed on December 13, 2023. While no active exploitation campaigns have been publicly confirmed, the ease of XSS exploitation means it remains a potential threat. There are no known public proof-of-concept exploits available at this time. The vulnerability has been added to the CISA KEV catalog, indicating a potential risk to federal information systems.
Exploit Status
EPSS
0.44% (63% percentile)
CVSS Vector
The primary mitigation for CVE-2023-45587 is to upgrade FortiSandbox to a patched version. Fortinet has released updates to address this vulnerability. If immediate patching is not possible, consider implementing strict input validation and output encoding on the FortiSandbox web interface to prevent the injection of malicious scripts. Web application firewalls (WAFs) configured to detect and block XSS attacks can also provide a temporary layer of protection. Regularly review FortiSandbox configuration to ensure least privilege access.
Update FortiSandbox to a version later than 4.4.2, 4.2.8, 4.0.6, 3.2.4, or 3.1.5, as appropriate for your current version. Refer to the Fortinet security advisory for more details and specific upgrade instructions.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2023-45587 is a cross-site scripting (XSS) vulnerability in Fortinet FortiSandbox versions 3.1.0–4.4.2, allowing attackers to execute malicious scripts.
If you are running Fortinet FortiSandbox versions 3.1.0 through 4.4.2, you are potentially affected by this vulnerability.
Upgrade to a patched version of Fortinet FortiSandbox as soon as possible. Refer to the Fortinet advisory for specific version details.
While no active exploitation campaigns have been publicly confirmed, the vulnerability remains a potential threat due to the ease of XSS exploitation.
Refer to the official Fortinet security advisory for detailed information and patching instructions: [https://fortinet.com/security/advisory/fo45587](https://fortinet.com/security/advisory/fo45587)
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.