VYPR
Medium severity6.5NVD Advisory· Published Jun 27, 2018· Updated Jun 17, 2026

CVE-2018-1354

CVE-2018-1354

Description

An improper access control vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows a regular user edit the avatar picture of other users with arbitrary content.

Affected products

3
  • Range: <=5.6.5 and 6.0.0
  • Range: <=5.6.5 and 6.0.0
  • Fortinet, Inc./Fortinet FortiManager, FortiAnalyzerv5
    Range: FortiManager 6.0.0, 5.6.5 and below versions

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.