5 matches found
Fortinet FortiWeb Insufficient protections against XSS and CSRF (FG-IR-23-068)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-068 advisory. - A protection mechanism failure in Fortinet FortiWeb 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.0 through 6.4.3, 6.3.6...
Fortinet Releases Security Updates for Multiple Products
Fortinet has released security updates to address vulnerabilities CVE-2023-29183 and CVE-2023-34984 affecting FortiOS, FortiProxy, and FortiWeb. A cyber threat actor can exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review...
CVE-2023-34984
A protection mechanism failure in Fortinet FortiWeb 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.0 through 6.4.3, 6.3.6 through 6.3.23 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests...
CVE-2023-34984
Fortinet FortiWeb is affected by CVE-2023-34984 due to a protection mechanism failure that allows an attacker to execute unauthorized code or commands via specially crafted HTTP requests. Affected versions include FortiWeb 6.3.6–6.3.23, 6.4.0–6.4.3, 7.0.0–7.0.6, and 7.2.0–7.2.1. The issue is docu...
CVE-2023-34984
A protection mechanism failure in Fortinet FortiWeb 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.0 through 6.4.3, 6.3.6 through 6.3.23 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests...