Описание
A concurrent execution using shared resource with improper Synchronization vulnerability ('Race Condition') in the customer database interface of FortiPortal before 6.0.6 may allow an authenticated, low-privilege user to bring the underlying database data into an inconsistent state via specific coordination of web requests.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 4.0.0 (включая) до 6.0.6 (исключая)
cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.00295
Низкий
3.1 Low
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-362
Связанные уязвимости
github
больше 3 лет назад
A concurrent execution using shared resource with improper Synchronization vulnerability ('Race Condition') in the customer database interface of FortiPortal before 6.0.6 may allow an authenticated, low-privilege user to bring the underlying database data into an inconsistent state via specific coordination of web requests.
EPSS
Процентиль: 52%
0.00295
Низкий
3.1 Low
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-362