4 matches found
CVE-2021-41013
An improper access control vulnerability CWE-284 in FortiWeb versions 6.4.1 and below and 6.3.15 and below in the Report Browse section of Log & Report may allow an unauthorized and unauthenticated user to access the Log reports via their URLs...
Fortinet FortiWeb Unauthorized user is granted access to the Reports available in the Log & Report section (FG-IR-21-138)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-138 advisory. - An improper access control vulnerability CWE-284 in FortiWeb versions 6.4.1 and below and 6.3.15 and below in the Report...
CVE-2021-41013
creationtimestamp| type| source ---|---|--- 2021-12-08 20:22:48+00:00| seen| https://t.me/cibsecurity/33615...
CVE-2021-41013
CVE-2021-41013 : FortiWeb versions 6.4.1 and below and 6.3.15 and below expose a security flaw in the Log & Report section (Report Browse) where an unauthorized, unauthenticated user can access Log reports via their URLs due to an improper access control (CWE-284). Affects FortiWeb’s web applicat...