Lucene search
China National Vulnerability DatabaseCNVD-2023-18296HistoryFeb 27, 2023 - 12:00 a.m.
Fortinet FortiWeb has an unspecified vulnerability (CNVD-2023-18296)
2023-02-2700:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
fortinet fortiweb
web application layer firewall
cross-site scripting
sql injection
cookie poisoning
schema poisoning
configuration files
http requests
cnvd-2023-18296
0.0004 Low
EPSS
Percentile
5.1%
Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures web applications and protects sensitive database content. A security vulnerability exists that could be exploited to access confidential configuration files via specially crafted http requests.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fortinet fortiweb >=6.4.0, | le | 6.4.2 | |
| fortinet fortiweb >=6.3.6, | le | 6.3.21 | |
| fortinet fortiweb >=7.0.0, | le | 7.0.4 |
Related
nessus
nessus
Fortinet FortiWeb - Unauthorized Configuration Download (FG-IR-22-460)
2024-05-22 00:00:00
cve
cve
CVE-2023-22636
2023-02-27 09:15:09
cvelist
cvelist
CVE-2023-22636
2023-02-27 08:55:03
fortinet
fortinet
FortiWeb - Unauthorized Configuration Download Vulnerability
2023-02-16 00:00:00
prion
prion
Design/Logic Flaw
2023-02-27 09:15:00
nvd
nvd
CVE-2023-22636
2023-02-27 09:15:09