Skip to main content
isservice
isservice
New Member
December 19, 2023
Question

CVE-2023-50164 mitigation

  • December 19, 2023
  • 3 replies
  • 2016 views

Hi there,

Are there any mitigations available for CVE-2023-50164?

Thanks in advance.

3 replies

ozkanaltas
ozkanaltas
Valued Contributor III
December 19, 2023

Hello @isservice ,

 

You can use this signature in your IPS profile to mitigate CVE-2023-50164.

 

https://www.fortiguard.com/encyclopedia/ips/54499

 

if you don't see this signature on your FortiGate, you can execute this command on CLI to get new signatures from FortiGuard. 

 

"execute update-now" 

 

image.png

    yamgoue
    yamgoue
    New Member
    January 15, 2024

    Hi there,

    Please which version and appliance model of FGT is impacted by this vulnerability?

     

    Thx

    Durga_Ashwath
    Staff
    Durga_Ashwath
    Staff
    January 16, 2024

    None of our products are affected by CVE-2023-50164. It seems that the issue is directed towards Apache Struts.The default action for this signature is pass. Modify the action as needed.Please do refer the article for the same https://community.fortinet.com/t5/FortiGate/Technical-Tip-IPS-default-action-selection-criteria/ta-p/198135. please refer to the related - https://www.fortiguard.com/search?q=CVE-2023-50164&engine=1

    Terms & ConditionsAccessibility statement