4 matches found
CVE-2023-44255
An exposure of sensitive information to an unauthorized actor CWE-200 in Fortinet FortiManager before 7.4.2, FortiAnalyzer before 7.4.2 and FortiAnalyzer-BigData before 7.2.5 may allow a privileged attacker with administrative read permissions to read event logs of another adom via crafted HTTP o...
CVE-2023-44255
An exposure of sensitive information to an unauthorized actor CWE-200 in Fortinet FortiManager before 7.4.2, FortiAnalyzer before 7.4.2 and FortiAnalyzer-BigData before 7.2.5 may allow a privileged attacker with administrative read permissions to read event logs of another adom via crafted HTTP o...
CVE-2023-44255
Fortinet CVE-2023-44255 affects FortiManager (before 7.4.2), FortiAnalyzer (before 7.4.2), and FortiAnalyzer-BigData (before 7.2.5). The root cause is insufficient access control, allowing a privileged attacker with administrative read permissions to read event logs of another ADOM via crafted HT...
Design/Logic Flaw
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker with administrative read-only privileges to download files that should be restricted. This vulnerability is due to incorrect permissions settings on an affecte...