CVE-2024-23667 | Fortinet FortiWebManager up to 6.0.2/6.2.4/6.3.0/7.0.4/7.2.0 HTTP Request Handler/CLI improper authorization (FG-IR-23-222)

Inserito da Angelo Barbosa | Giu 3, 2024 | CVE

A vulnerability classified as critical was found in Fortinet FortiWebManager up to 6.0.2/6.2.4/6.3.0/7.0.4/7.2.0. Affected by this vulnerability is an unknown functionality of the component HTTP Request Handler/CLI. The manipulation leads to improper authorization.

This vulnerability is known as CVE-2024-23667. Local access is required to approach this attack. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23667 | Fortinet FortiWebManager up to 6.0.2/6.2.4/6.3.0/7.0.4/7.2.0 HTTP Request Handler/CLI improper authorization (FG-IR-23-222)

Post correlati

CVE-2024-33255 | JerryScript cefd391 ecma_free_string_list assertion (Issue 5135)

CVE-2023-49574 | Flexense VX Search Enterprise 10.2.14 /add_job job_name cross site scripting

CVE-2024-29736 | Apache CXF up to 3.5.8/3.6.3/4.0.4 WADL Stylesheet server-side request forgery

CVE-2024-5836 | Google Chrome prior 126.0.6478.54 DevTools Remote Code Execution (ID 341875)