How severe is CVE-2024-36509?

CVE-2024-36509 has a CVSS v3 score of 4.2 (MEDIUM).

CVE-2024-36509

Name: fortiweb
Author: fortinet

4.2MEDIUM

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiWeb version 7.6.0, version 7.4.3 and below, version 7.2.10 and below, version 7.0.10 and b

게시됨: 11/12/2024업데이트됨: 11/14/2024

설명

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiWeb version 7.6.0, version 7.4.3 and below, version 7.2.10 and below, version 7.0.10 and below, version 6.3.23 and below may allow an authenticated attacker to access the encrypted passwords of other administrators via the "Log Access Event" logs page.

AI 분석AI 기반

영향받는 제품

fortinetfortiweb

7.6.0

참조

https://fortiguard.fortinet.com/psirt/FG-IR-24-180
Vendor Advisory