Vulnerability in Fortinet Fortios
CVE-2023-29184
An incomplete cleanup vulnerability [CWE-459] in FortiOS 7.2 all versions and before & FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 allows a VDOM privileged attacker to add SSH key files on the system silently via crafted CLI r…
EPSS: 0.002 (8.1th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 3.2 (Low). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N.
Affected products
- Fortinet Fortios — versions 7.2.0, 7.0.0, 6.4.0
- Fortinet Fortiproxy — versions 7.2.0, 7.0.0, 2.0.0
Weakness classification (CWE)
References
- psirt@fortinet.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2023-29184?
- CVE-2023-29184 is a low-severity vulnerability in Fortinet Fortios, classified under Incomplete Cleanup. CVSS score: 3.2/10. Published 2025-06-10.
- How severe is CVE-2023-29184?
- Low severity. CVSS v3 base score is 3.2 out of 10.