ГлавнаяУязвимости → CVE-2024-23670
7.8высокая

CVE-2024-23670

Описание

An improper authorization in Fortinet FortiWebManager 7.2.0, FortiWebManager 7.0.0 through 7.0.4, FortiWebManager 6.3.0, FortiWebManager 6.2.3 through 6.2.4, FortiWebManager 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI.

Затрагиваемое ПО
Fortinet Fortiwebmanager
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://fortiguard.fortinet.com/psirt/FG-IR-23-222https://fortiguard.fortinet.com/psirt/FG-IR-23-222