A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to use the device as a proxy and reach external or protected hosts via redirection handlers.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/advisory/FG-IR-21-168 |
History
Fri, 25 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2021-12-08T12:33:18
Updated: 2024-10-25T13:40:38.183Z
Reserved: 2021-10-28T00:00:00
Link: CVE-2021-43064
Vulnrichment
Updated: 2024-08-04T03:47:13.307Z
NVD
Status : Modified
Published: 2021-12-08T13:15:08.073
Modified: 2024-11-21T06:28:37.703
Link: CVE-2021-43064
Redhat
No data.