CVE-2024-36511

An improperly implemented security check for standard vulnerability CWE-358 in FortiADC Web Application Firewall WAF 7.4.0 through 7.4.4, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions when cookie security policy is enabled may allow an...

CVE-2024-36511

FortiADC Web Application Firewall (WAF) is affected by CVE-2024-36511. The issue stems from an improperly implemented security check (CWE-358) in FortiADC WAF versions 6.0–7.4.4 when the cookie security policy is enabled, potentially allowing an attacker to retrieve the initial encrypted and sign...