Fortinet FortiWeb has an unspecified vulnerability (CNVD-2021-101136)

2021-12-1300:00:00

China National Vulnerability Database

www.cnvd.org.cn

0.004 Low

EPSS

Percentile

72.7%

JSON

Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures web applications and protects sensitive database content. A security vulnerability exists that could be exploited by an unauthenticated attacker to bypass the authentication process and authenticate as a legitimate cluster peer.

CPENameOperatorVersion
Fortinet FortiWebeq6.4.0
Fortinet FortiWebeq6.4.1
Fortinet FortiWeb >=6.3.0，le6.3.15
Fortinet FortiWeb >=6.2.0，le6.2.6
Fortinet FortiWeb >=6.1.0，le6.1.2
Fortinet FortiWeb >=6.0.0，le6.0.7

Name	Operator	Version
Fortinet FortiWeb	eq	6.4.0
Fortinet FortiWeb	eq	6.4.1
Fortinet FortiWeb >=6.3.0，	le	6.3.15
Fortinet FortiWeb >=6.2.0，	le	6.2.6
Fortinet FortiWeb >=6.1.0，	le	6.1.2
Fortinet FortiWeb >=6.0.0，	le	6.0.7

0.004 Low

EPSS

Percentile

72.7%

JSON

Related for CNVD-2021-101136