exploitDog

GHSA-4662-9qvh-xxm7

Опубликовано: 09 дек. 2021

Источник: github

Github: Не прошло ревью

CVSS3: 6.3

Описание

A unintended proxy or intermediary ('confused deputy') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows an unauthenticated attacker to access protected hosts via crafted HTTP requests.

A unintended proxy or intermediary ('confused deputy') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows an unauthenticated attacker to access protected hosts via crafted HTTP requests.

Ссылки

EPSS

Процентиль: 65%

0.00491

Низкий

6.3 Medium

CVSS3

CVE ID

Дефекты

CWE-610

Связанные уязвимости

CVE-2021-36190

CVSS3: 5.5

nvd

около 4 лет назад

A unintended proxy or intermediary ('confused deputy') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows an unauthenticated attacker to access protected hosts via crafted HTTP requests.

EPSS

Процентиль: 65%

0.00491

Низкий

6.3 Medium

CVSS3

CVE ID

Дефекты

CWE-610