Lucene search

K

5 matches found

CVE
CVE
added 2024/09/10 3:15 p.m.46 views

CVE-2024-36511

An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web Application Firewall (WAF) 7.4.0 through 7.4.4, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions when cookie security policy is enabled may allow a...

3.7CVSS7AI score0.0011EPSS
CVE
CVE
added 2024/05/14 5:15 p.m.43 views

CVE-2023-50180

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiADC version 7.4.1 and below, version 7.2.3 and below, version 7.1.4 and below, version 7.0.5 and below, version 6.2.6 and below may allow a read-only admin to view data pertaining to other ...

5.5CVSS6.3AI score0.00105EPSS
CVE
CVE
added 2024/07/09 4:15 p.m.42 views

CVE-2023-50181

An improper access control vulnerability [CWE-284] in Fortinet FortiADC version 7.4.0 through 7.4.1 and before 7.2.4 allows a read only authenticated attacker to perform some write actions via crafted HTTP or HTTPS requests.

6.5CVSS6.9AI score0.00047EPSS
CVE
CVE
added 2024/07/09 4:15 p.m.38 views

CVE-2023-50179

An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2 all versions, 7.1 all versions, 7.0 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the device and public SDN connectors.

5.9CVSS7.2AI score0.00071EPSS
CVE
CVE
added 2024/07/09 4:15 p.m.37 views

CVE-2023-50178

An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2.0 through 7.2.3, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions and 6.0 all versions may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication c...

7.4CVSS7.3AI score0.00065EPSS