exploitDog

GHSA-m2v6-594j-3c6p

Опубликовано: 04 авг. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

A unverified password change in Fortinet FortiADC version 6.2.0 through 6.2.3, 6.1.x, 6.0.x, 5.x.x allows an authenticated attacker to bypass the Old Password check in the password change form via a crafted HTTP request.

A unverified password change in Fortinet FortiADC version 6.2.0 through 6.2.3, 6.1.x, 6.0.x, 5.x.x allows an authenticated attacker to bypass the Old Password check in the password change form via a crafted HTTP request.

Ссылки

EPSS

Процентиль: 33%

0.00133

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-863

Связанные уязвимости

CVE-2022-27484

CVSS3: 5.4

nvd

больше 3 лет назад

A unverified password change in Fortinet FortiADC version 6.2.0 through 6.2.3, 6.1.x, 6.0.x, 5.x.x allows an authenticated attacker to bypass the Old Password check in the password change form via a crafted HTTP request.

EPSS

Процентиль: 33%

0.00133

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-863