How severe is CVE-2023-36633?

CVE-2023-36633 has a CVSS v3 score of 5.4 (MEDIUM).

CVE-2023-36633

Name: fortimail
Author: fortinet

5.4MEDIUM

An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to see and modify the title of address book folders

Опубликовано: 11/14/2023Обновлено: 11/21/2024

Описание

An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to see and modify the title of address book folders of other users via crafted HTTP or HTTPs requests.

ИИ-АнализНа базе ИИ

Затронутые продукты

fortinetfortimail

Ссылки

https://fortiguard.com/psirt/FG-IR-23-203
Vendor Advisory
https://fortiguard.com/psirt/FG-IR-23-203
Vendor Advisory