Description

An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI.

Related CPE's

a

fortinet

fortiwebmanager

5

References

https://fortiguard.fortinet.com/psirt/FG-IR-23-222

Vendor Advisory

https://fortiguard.fortinet.com/psirt/FG-IR-23-222

Vendor Advisory

Weaknesses

[email protected]

Secondary
CWE-285

[email protected]

Primary
NVD-CWE-noinfo

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 · High

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2024-06-03T08:15:13.523Z

1 year ago

Last modified

2024-12-17T15:35:25.233Z

1 year ago