EUVD-2017-5701

Malware in sbrugna...

SUSE: Security Advisory (SUSE-SU-2024:0770-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-14191

An Improper Access Control vulnerability in Fortinet FortiWeb 5.6.0 up to but not including 6.1.0 under "Signed Security Mode", allows attacker to bypass the signed user cookie protection by removing the FortiWeb own protection session cookie...

Improper access control

An Improper Access Control vulnerability in Fortinet FortiWeb 5.6.0 up to but not including 6.1.0 under "Signed Security Mode", allows attacker to bypass the signed user cookie protection by removing the FortiWeb own protection session cookie...

CVE-2017-14191

Fortinet FortiWeb is affected by CVE-2017-14191. In FortiWeb 5.6.0 up to but not including 6.1.0, operating under Signed Security Mode, an improper access control vulnerability allows an attacker to bypass the cookie protection by removing FortiWeb’s own protection session cookie. Impact stated: ...

FortiWeb's cookie tampering protection can be bypassed by erasing the FortiWeb session cookie

An improper access control vulnerability in FortiWeb's Signed Security mode may allow an attacker to disable the cookie tampering protection offered by FortiWeb to sites FortiWeb protects, via deleting FortiWeb's session cookie...