Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:1 a.m.8 views

CVE-2023-36633

An improper authorization vulnerability CWE-285 in FortiMail webmail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to see and modify the title of address book folders of other users via crafted HTTP or HTTPs requests...

5.4CVSS6.7AI score0.0047EPSS
Exploits0
NCSC
NCSC
added 2023/11/16 12:0 a.m.5 views

Vulnerabilities fixed in Fortinet FortiMail

Fortinet has fixed vulnerabilities in FortiMail. A malicious party can exploit the vulnerability with reference CVE-2023-45582 exploited to gain brute-force access to the mail environment. The vulnerability with reference CVE-2023-36633 allows an authenticated malicious person to gain access to...

7.3CVSS7AI score0.00522EPSS
Exploits0
OSV
OSV
added 2023/11/14 6:15 p.m.2 views

CVE-2023-36633

An improper authorization vulnerability CWE-285 in FortiMail webmail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to see and modify the title of address book folders of other users via crafted HTTP or HTTPs requests...

5.4CVSS5.8AI score0.0047EPSS
Exploits0References1
CVE
CVE
added 2023/11/14 6:7 p.m.46 views

CVE-2023-36633

CVE-2023-36633 affects Fortinet FortiMail webmail (versions 7.2.0–7.2.2 and prior to 7.0.5). The issue is an improper authorization (CWE-285) that allows an authenticated attacker to see and modify the title of other users’ address book folders via crafted HTTP/HTTPS requests. Impact is limited t...

5.4CVSS5.4AI score0.0047EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder