Lucene search
PRIOn knowledge basePRION:CVE-2021-36172HistoryNov 02, 2021 - 6:15 p.m.
Xxe
2021-11-0218:15:00
PRIOn knowledge base
www.prio-n.com
3
An improper restriction of XML external entity reference vulnerability in the parser of XML responses of FortiPortal before 6.0.6 may allow an attacker who controls the producer of XML reports consumed by FortiPortal to trigger a denial of service or read arbitrary files from the underlying file system by means of specifically crafted XML documents.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fortiportal | ge | 5.1.0 | |
| fortiportal | le | 5.1.2 | |
| fortiportal | ge | 5.0.0 | |
| fortiportal | le | 5.0.3 | |
| fortiportal | ge | 4.2.0 | |
| fortiportal | le | 4.2.4 | |
| fortiportal | ge | 4.1.0 | |
| fortiportal | le | 4.1.2 | |
| fortiportal | ge | 4.0.0 | |
| fortiportal | le | 4.0.4 |
References
Related
cve
cve
CVE-2021-36172
2021-11-02 18:15:08
cnvd
cnvd
Fortinet FortiPortal has an unspecified vulnerability (CNVD-2021-84251)
2021-11-03 00:00:00
cvelist
cvelist
CVE-2021-36172
2021-11-02 17:35:11
nvd
nvd
CVE-2021-36172
2021-11-02 18:15:08
fortinet
fortinet
FortiPortal - XML parser is vulnerable to XXE attacks
2021-11-02 00:00:00