216.73.217.86

CVE-2024-23107

· Published 03/06/2024 08:15 · Modified 03/06/2024 14:46

Labels: CVE-2024-23107 2024-06-03CVE-2024-23107CWE-200[email protected]

Essential information

Published
03/06/2024 08:15
Modified
03/06/2024 14:46
Author
Creator
CVSS
5.5 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS metrics

Description

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiWeb version 7.4.0, version 7.2.4 and below, version 7.0.8 and below, 6.3 all versions may allow an authenticated attacker to read password hashes of other administrators via CLI commands.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References