CRITICAL🇵🇱 Wersja polska

CVE-2017-7342

CVSS 9.8v3.0pub. 2019-03-25upd. 2024-11-21

A weak password recovery process vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via a hidden Close button

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Fortinet Fortiportal

    APP
    Fortinet
    ≤ 4.0.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2021-32588CRITICAL9.8ten sam produkt

A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal versions 5.2.5 and below, 5.3.5 and bel...

CVE-2021-32590CRITICAL9.9ten sam produkt

Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiPortal 6.0...

CVE-2017-7337CRITICAL9.1ten sam produkt

An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker t...

CVE-2025-24470HIGH8.6ten sam produkt

An Improper Resolution of Path Equivalence vulnerability [CWE-41] in FortiPortal 7.4.0 through 7.4.2, 7.2.0 th...

CVE-2021-32589HIGH8.1ten sam produkt

A Use After Free (CWE-416) vulnerability in FortiManager version 7.0.0, version 6.4.5 and below, version 6.2.7...