3 matches found
CVE-2022-39945
An improper access control vulnerability CWE-284 in FortiMail 7.2.0, 7.0.0 through 7.0.3, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an authenticated admin user assigned to a specific domain to access and modify other domains information via insecure direct object references...
CVE-2022-39945
An improper access control vulnerability CWE-284 in FortiMail 7.2.0, 7.0.0 through 7.0.3, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an authenticated admin user assigned to a specific domain to access and modify other domains information via insecure direct object references...
CVE-2022-39945
Summary (CVE-2022-39945) : FortiMail contains an improper access control vulnerability (CWE-284) that can allow an authenticated admin user, when assigned to a specific domain, to access and modify information for other domains via insecure direct object references (IDOR). Affected FortiMail vers...