Описание
A URL redirection to untrusted site ('Open Redirect') vulnerability [CWE-601] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.1 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an unauthenticated attacker to redirect users to any arbitrary website via a crafted URL.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 8.7.0 (включая) до 9.4.2 (исключая)
Одно из
cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortinac-f:7.2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00192
Низкий
4.3 Medium
CVSS3
4.7 Medium
CVSS3
Дефекты
CWE-601
CWE-601
Связанные уязвимости
CVSS3: 4.3
github
почти 3 года назад
A URL redirection to untrusted site ('Open Redirect') vulnerability [CWE-601] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.1 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an unauthenticated attacker to redirect users to any arbitrary website via a crafted URL.
EPSS
Процентиль: 41%
0.00192
Низкий
4.3 Medium
CVSS3
4.7 Medium
CVSS3
Дефекты
CWE-601
CWE-601