How severe is CVE-2024-36509?

CVE-2024-36509 has a CVSS v3 score of 4.2 (MEDIUM).

CVE-2024-36509

Name: fortiweb
Author: fortinet

4.2MEDIUM

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiWeb version 7.6.0, version 7.4.3 and below, version 7.2.10 and below, version 7.0.10 and b

Publicado: 11/12/2024Actualizado: 11/14/2024

Descripción

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiWeb version 7.6.0, version 7.4.3 and below, version 7.2.10 and below, version 7.0.10 and below, version 6.3.23 and below may allow an authenticated attacker to access the encrypted passwords of other administrators via the "Log Access Event" logs page.

Análisis IAImpulsado por IA

Productos Afectados

fortinetfortiweb

7.6.0

Referencias

https://fortiguard.fortinet.com/psirt/FG-IR-24-180
Vendor Advisory