CVE-2024-36509

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiWeb version 7.6.0, version 7.4.3 and below, version 7.2.10 and below, version 7.0.10 and below, version 6.3.23 and below may allow an authenticated attacker to access the encrypted passwords of other administrators via the "Log Access Event" logs page.

CVSS v3 4.2 MEDIUM

4.2^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.6 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://fortiguard.fortinet.com/psirt/FG-IR-24-180	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:fortinet:fortiweb::::::::
	cpe:2.3:a:fortinet:fortiweb:7.6.0:::::::*

History

No history.

Information

Published : 2024-11-12 19:15

Updated : 2024-11-14 20:33

NVD link : CVE-2024-36509

Mitre link : CVE-2024-36509

CVE.ORG link : CVE-2024-36509

JSON object : View

Products Affected

fortinet

fortiweb

CWE

CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

{"id": "CVE-2024-36509", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@fortinet.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 0.6}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 0.8}]}, "published": "2024-11-12T19:15:10.440", "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-180", "tags": ["Vendor Advisory"], "source": "psirt@fortinet.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@fortinet.com", "description": [{"lang": "en", "value": "CWE-497"}]}], "descriptions": [{"lang": "en", "value": "An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiWeb version 7.6.0, version 7.4.3 and below, version 7.2.10 and below, version 7.0.10 and below, version 6.3.23 and below may allow an authenticated attacker to access the encrypted passwords of other administrators via the \"Log Access Event\" logs page."}, {"lang": "es", "value": "Una exposici\u00f3n de informaci\u00f3n confidencial del sistema a una vulnerabilidad de esfera de control no autorizada [CWE-497] en FortiWeb versi\u00f3n 7.6.0, versi\u00f3n 7.4.3 y anteriores, versi\u00f3n 7.2.10 y anteriores, versi\u00f3n 7.0.10 y anteriores, versi\u00f3n 6.3.23 y anteriores puede permitir que un atacante autenticado acceda a las contrase\u00f1as cifradas de otros administradores a trav\u00e9s de la p\u00e1gina de registros \"Evento de acceso al registro\"."}], "lastModified": "2024-11-14T20:33:44.727", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B0C24E1-3735-4117-8FA1-FB20D23AED9F", "versionEndExcluding": "7.4.4", "versionStartIncluding": "6.3.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28B43375-DA74-4C5F-BAEE-39F312EEF51F"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@fortinet.com"}