How severe is CVE-2024-36509?

CVE-2024-36509 has a CVSS v3 score of 4.2 (MEDIUM).

CVE-2024-36509

Name: fortiweb
Author: fortinet

4.2MEDIUM

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiWeb version 7.6.0, version 7.4.3 and below, version 7.2.10 and below, version 7.0.10 and b

Publicado: 11/12/2024Atualizado: 11/14/2024

Descrição

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiWeb version 7.6.0, version 7.4.3 and below, version 7.2.10 and below, version 7.0.10 and below, version 6.3.23 and below may allow an authenticated attacker to access the encrypted passwords of other administrators via the "Log Access Event" logs page.

Análise IADesenvolvido por IA

Produtos Afetados

fortinetfortiweb

7.6.0

Referências

https://fortiguard.fortinet.com/psirt/FG-IR-24-180
Vendor Advisory