Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2026/01/09 9:21 a.m.10 views

CVE-2021-41013

An improper access control vulnerability CWE-284 in FortiWeb versions 6.4.1 and below and 6.3.15 and below in the Report Browse section of Log & Report may allow an unauthorized and unauthenticated user to access the Log reports via their URLs...

5.3CVSS6.9AI score0.00941EPSS
Exploits0References1
nessus
nessus
added 2024/10/26 12:0 a.m.8 views

Fortinet FortiWeb Unauthorized user is granted access to the Reports available in the Log & Report section (FG-IR-21-138)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-138 advisory. - An improper access control vulnerability CWE-284 in FortiWeb versions 6.4.1 and below and 6.3.15 and below in the Report...

5.3CVSS5.8AI score0.00941EPSS
Exploits0References2
circl
circl
added 2021/12/08 8:22 p.m.6 views

CVE-2021-41013

creationtimestamp| type| source ---|---|--- 2021-12-08 20:22:48+00:00| seen| https://t.me/cibsecurity/33615...

5.3CVSS5.5AI score0.00941EPSS
Exploits0References1
cve
cve
added 2021/12/08 1:33 p.m.51 views

CVE-2021-41013

CVE-2021-41013 : FortiWeb versions 6.4.1 and below and 6.3.15 and below expose a security flaw in the Log & Report section (Report Browse) where an unauthorized, unauthenticated user can access Log reports via their URLs due to an improper access control (CWE-284). Affects FortiWeb’s web applicat...

5.3CVSS5.2AI score0.00941EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder