CVE-2024-36509 | Fortinet FortiWeb up to 6.3.23/7.0.10/7.2.10/7.4.3/7.6.0 Log Access Event Page exposure of sensitive system information to an unauthorized control sphere (FG-IR-24-180)

Posted by Angelo Barbosa | Nov 12, 2024 | CVE

A vulnerability was found in Fortinet FortiWeb up to 6.3.23/7.0.10/7.2.10/7.4.3/7.6.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Log Access Event Page. The manipulation leads to exposure of sensitive system information to an unauthorized control sphere.

This vulnerability is known as CVE-2024-36509. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-36509 | Fortinet FortiWeb up to 6.3.23/7.0.10/7.2.10/7.4.3/7.6.0 Log Access Event Page exposure of sensitive system information to an unauthorized control sphere (FG-IR-24-180)

Related Posts

CVE-2024-35645 | vinoth06 Random Banner Plugin up to 4.2.8 on WordPress cross site scripting

CVE-2024-27098 | GLPI up to 10.0.12 server-side request forgery

CVE-2024-28429 | DedeCMS 5.7 /dede/archives_do.php cross-site request forgery

CVE-2024-6355 | Genexis Tilgin Fiber Home Gateway HG1522 CSx000-01_09_01_12 /status/product_info/ product_info cross site scripting