Vulnerability Details : CVE-2023-30803
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can bypass authentication and access administrative functionality by sending HTTP requests using a crafted Y-forwarded-for header.
Products affected by CVE-2023-30803
- cpe:2.3:a:sangfor:next-gen_application_firewall:8.0.17:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-30803
0.20%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 59 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-30803
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
VulnCheck | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2023-30803
-
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.Assigned by:
- disclosure@vulncheck.com (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2023-30803
-
https://vulncheck.com/advisories/sangfor-ngaf-auth-bypass
Sangfor Next-Gen Application Firewall Authentication Bypass | VulnCheck AdvisoriesThird Party Advisory
-
https://labs.watchtowr.com/yet-more-unauth-remote-command-execution-vulns-in-firewalls-sangfor-edition/
Yet More Unauth Remote Command Execution Vulns in Firewalls - Sangfor EditionExploit;Third Party Advisory
-
https://aws.amazon.com/marketplace/pp/prodview-uujwjffddxzp4
AWS Marketplace: Sangfor Next-Gen Application FirewallProduct
Jump to