An Improper Access Control vulnerability in Fortinet FortiWeb 5.6.0 up to but not including 6.1.0 under "Signed Security Mode", allows attacker to bypass the signed user cookie protection by removing the FortiWeb own protection session cookie.
Metrics
Affected Vendors & Products
References
History
Fri, 25 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2018-03-20T13:00:00Z
Updated: 2024-10-25T14:09:53.139Z
Reserved: 2017-09-07T00:00:00
Link: CVE-2017-14191
Vulnrichment
Updated: 2024-08-05T19:20:40.946Z
NVD
Status : Modified
Published: 2018-03-20T13:29:00.247
Modified: 2024-11-21T03:12:19.823
Link: CVE-2017-14191
Redhat
No data.