How severe is CVE-2023-36556?

CVE-2023-36556 has a CVSS v3 score of 8.8 (HIGH).

CVE-2023-36556

Name: fortimail
Author: fortinet

8.8HIGH

An incorrect authorization vulnerability [CWE-863] in FortiMail webmail version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.5 and below 6.4.7 allows an authenticated attacker to login on other user

公開日: 10/10/2023更新日: 11/21/2024

説明

An incorrect authorization vulnerability [CWE-863] in FortiMail webmail version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.5 and below 6.4.7 allows an authenticated attacker to login on other users accounts from the same web domain via crafted HTTP or HTTPs requests.

AI分析AIによる分析

影響を受ける製品

fortinetfortimail

7.2.0

fortinetfortimail

7.2.1

fortinetfortimail

7.2.2

参照

https://fortiguard.com/psirt/FG-IR-23-202
Vendor Advisory
https://fortiguard.com/psirt/FG-IR-23-202
Vendor Advisory