ГлавнаяУязвимости → CVE-2024-23668
8.8высокая

CVE-2024-23668

Описание

An improper authorization in Fortinet FortiWebManager 7.2.0, FortiWebManager 7.0.0 through 7.0.4, FortiWebManager 6.3.0, FortiWebManager 6.2.3 through 6.2.4, FortiWebManager 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI.

Затрагиваемое ПО
Fortinet Fortiwebmanager
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://fortiguard.fortinet.com/psirt/FG-IR-23-222https://fortiguard.fortinet.com/psirt/FG-IR-23-222