CVE-2024-23665
5.9MEDIUMMultiple improper authorization vulnerabilities [CWE-285] in FortiWeb version 7.4.2 and below, version 7.2.7 and below, version 7.0.10 and below, version 6.4.3 and below, version 6.3.23 and below may
Опубликовано: 6/3/2024Обновлено: 12/17/2024
Описание
Multiple improper authorization vulnerabilities [CWE-285] in FortiWeb version 7.4.2 and below, version 7.2.7 and below, version 7.0.10 and below, version 6.4.3 and below, version 6.3.23 and below may allow an authenticated attacker to perform unauthorized ADOM operations via crafted requests.
ИИ-АнализНа базе ИИ
Затронутые продукты
fortinetfortiweb
fortinetfortiweb
fortinetfortiweb
fortinetfortiweb
fortinetfortiweb
Ссылки
- https://fortiguard.fortinet.com/psirt/FG-IR-23-474Vendor Advisory
- https://fortiguard.fortinet.com/psirt/FG-IR-23-474Vendor Advisory