An improper access control vulnerability [CWE-284] in FortiWeb versions 6.4.1 and below and 6.3.15 and below in the Report Browse section of Log & Report may allow an unauthorized and unauthenticated user to access the Log reports via their URLs.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/advisory/FG-IR-21-138 |
History
Fri, 25 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2021-12-08T13:33:58
Updated: 2024-10-25T13:39:22.915Z
Reserved: 2021-09-13T00:00:00
Link: CVE-2021-41013
Vulnrichment
Updated: 2024-08-04T02:59:31.068Z
NVD
Status : Modified
Published: 2021-12-08T17:15:10.987
Modified: 2024-11-21T06:25:15.580
Link: CVE-2021-41013
Redhat
No data.