VYPR
Unrated severityNVD Advisory· Published Feb 27, 2023· Updated Oct 23, 2024

CVE-2023-22636

CVE-2023-22636

Description

An unauthorized configuration download vulnerability in FortiWeb 6.3.6 through 6.3.21, 6.4.0 through 6.4.2 and 7.0.0 through 7.0.4 may allow a local attacker to access confidential configuration files via a crafted http request.

Affected products

2
  • Fortinet/Fortiwebllm-fuzzy2 versions
    >=6.3.6, <=6.3.21 || >=6.4.0, <=6.4.2 || >=7.0.0, <=7.0.4+ 1 more
    • (no CPE)range: >=6.3.6, <=6.3.21 || >=6.4.0, <=6.4.2 || >=7.0.0, <=7.0.4
    • (no CPE)range: 7.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.