Количество 3
Количество 3
CVE-2021-24019
An insufficient session expiration vulnerability [CWE- 613] in FortiClientEMS versions 6.4.2 and below, 6.2.8 and below may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID (via other, hypothetical attacks)
GHSA-qw2f-33vp-25mq
An insufficient session expiration vulnerability [CWE- 613] in FortiClientEMS versions 6.4.2 and below, 6.2.8 and below may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID (via other, hypothetical attacks)
BDU:2021-04963
Уязвимость сервера для управления программами Fortinet FortiClient Enterprise Management Server (EMS), связанная с ошибками при управлении сенасом, позволяющая нарушителю повысить свои привилегии
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-24019 An insufficient session expiration vulnerability [CWE- 613] in FortiClientEMS versions 6.4.2 and below, 6.2.8 and below may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID (via other, hypothetical attacks) | CVSS3: 8.1 | 15% Средний | больше 4 лет назад |
| GHSA-qw2f-33vp-25mq An insufficient session expiration vulnerability [CWE- 613] in FortiClientEMS versions 6.4.2 and below, 6.2.8 and below may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID (via other, hypothetical attacks) | 15% Средний | больше 3 лет назад | |
 | BDU:2021-04963 Уязвимость сервера для управления программами Fortinet FortiClient Enterprise Management Server (EMS), связанная с ошибками при управлении сенасом, позволяющая нарушителю повысить свои привилегии | CVSS3: 8.1 | 15% Средний | больше 4 лет назад |
Уязвимостей на страницу