CVE-2024-23665
5.9MEDIUMMultiple improper authorization vulnerabilities [CWE-285] in FortiWeb version 7.4.2 and below, version 7.2.7 and below, version 7.0.10 and below, version 6.4.3 and below, version 6.3.23 and below may
Veröffentlicht: 6/3/2024Aktualisiert: 12/17/2024
Beschreibung
Multiple improper authorization vulnerabilities [CWE-285] in FortiWeb version 7.4.2 and below, version 7.2.7 and below, version 7.0.10 and below, version 6.4.3 and below, version 6.3.23 and below may allow an authenticated attacker to perform unauthorized ADOM operations via crafted requests.
KI-AnalyseKI-gestützt
Betroffene Produkte
fortinetfortiweb
fortinetfortiweb
fortinetfortiweb
fortinetfortiweb
fortinetfortiweb
Referenzen
- https://fortiguard.fortinet.com/psirt/FG-IR-23-474Vendor Advisory
- https://fortiguard.fortinet.com/psirt/FG-IR-23-474Vendor Advisory