Lucene search
FortiGuard LabsFG-IR-21-102HistoryNov 02, 2021 - 12:00 a.m.
FortiPortal - Improper thread synchronization for database operations
2021-11-0200:00:00
FortiGuard Labs
www.fortiguard.com
14
0.001 Low
EPSS
Percentile
21.7%
A concurrent execution using shared resource with improper Synchronization vulnerability (‘Race Condition’) [CWE-362] in the customer database interface of FortiPortal may allow an authenticated, low-privilege user to bring the underlying database data into an inconsistent state via specific coordination of web requests.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fortiportal | eq | 6.0.5 | |
| fortiportal | eq | 6.0.4 | |
| fortiportal | eq | 6.0.3 | |
| fortiportal | eq | 6.0.2 | |
| fortiportal | eq | 6.0.1 | |
| fortiportal | eq | 6.0.0 | |
| fortiportal | eq | 5.3.6 | |
| fortiportal | eq | 5.3.5 | |
| fortiportal | eq | 5.3.4 | |
| fortiportal | eq | 5.3.3 |
Related
cvelist
cvelist
CVE-2021-36181
2021-11-02 17:22:57
prion
prion
Race condition
2021-11-02 18:15:00
nvd
nvd
CVE-2021-36181
2021-11-02 18:15:08
cve
cve
CVE-2021-36181
2021-11-02 18:15:08