CVE-2024-23670 | Fortinet FortiWebManager up to 6.0.2/6.2.4/6.3.0/7.0.4/7.2.0 HTTP Request improper authorization (FG-IR-23-222)

Inserito da Angelo Barbosa | Giu 3, 2024 | CVE

A vulnerability, which was classified as critical, was found in Fortinet FortiWebManager up to 6.0.2/6.2.4/6.3.0/7.0.4/7.2.0. This affects an unknown part of the component HTTP Request Handler. The manipulation leads to improper authorization.

This vulnerability is uniquely identified as CVE-2024-23670. It is possible to launch the attack on the local host. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23670 | Fortinet FortiWebManager up to 6.0.2/6.2.4/6.3.0/7.0.4/7.2.0 HTTP Request improper authorization (FG-IR-23-222)

Post correlati

CVE-2024-38089 | Microsoft unknown vulnerability

CVE-2023-41969 | Zscaler Client Connector up to 4.3.0 on Windows link following

CVE-2023-6679 | Linux Kernel DPLL Subsystem dpll_netlink.c dpll_pin_parent_pin_set null pointer dereference

CVE-2024-35838 | Linux Kernel up to 6.1.75/6.6.14/6.7.2 mac80211 memory leak