CVE-2024-36509 | Fortinet FortiWeb up to 6.3.23/7.0.10/7.2.10/7.4.3/7.6.0 Log Access Event Page exposure of sensitive system information to an unauthorized control sphere (FG-IR-24-180)

Posted by Angelo Barbosa | Nov 12, 2024 | CVE

A vulnerability was found in Fortinet FortiWeb up to 6.3.23/7.0.10/7.2.10/7.4.3/7.6.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Log Access Event Page. The manipulation leads to exposure of sensitive system information to an unauthorized control sphere.

This vulnerability is known as CVE-2024-36509. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-36509 | Fortinet FortiWeb up to 6.3.23/7.0.10/7.2.10/7.4.3/7.6.0 Log Access Event Page exposure of sensitive system information to an unauthorized control sphere (FG-IR-24-180)

Related Posts

CVE-2024-28613 | SourceCodester PHP Task Management System 1.0 task-details.php task_id sql injection

CVE-2024-8108 | Share This Image Plugin up to 2.01 on WordPress alignment cross site scripting

CVE-2021-47498 | Linux Kernel up to 5.14.13 unquiesce nr_requests denial of service (8ca9745efe35/b4459b11e840)

CVE-2024-20313 | Cisco IOS XE OSPFv2 denial of service (cisco-sa-iosxe-ospf-dos-dR9Sfrxp)