CVE-2024-36509

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiWeb version 7.6.0, version 7.4.3 and below, version 7.2.10 and below, version 7.0.10 and below, version 6.3.23 and below may allow an authenticated attacker to access the encrypted passwords of other administrators via the "Log Access Event" logs page.

CVSS v3 4.4 MEDIUM

4.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://fortiguard.fortinet.com/psirt/FG-IR-24-180	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:fortinet:fortiweb::::::::
	cpe:2.3:a:fortinet:fortiweb:7.6.0:::::::*

History

14 Nov 2024, 20:33

Type	Values Removed	Values Added
First Time		Fortinet Fortinet fortiweb
CPE		cpe:2.3:a:fortinet:fortiweb:::::::: cpe:2.3:a:fortinet:fortiweb:7.6.0:::::::*
CVSS	v2 : ~~unknown~~ v3 : ~~4.2~~	v2 : unknown v3 : 4.4
References	~~() https://fortiguard.fortinet.com/psirt/FG-IR-24-180 -~~	() https://fortiguard.fortinet.com/psirt/FG-IR-24-180 - Vendor Advisory

13 Nov 2024, 17:01

Type	Values Removed	Values Added
Summary		(es) Una exposición de información confidencial del sistema a una vulnerabilidad de esfera de control no autorizada [CWE-497] en FortiWeb versión 7.6.0, versión 7.4.3 y anteriores, versión 7.2.10 y anteriores, versión 7.0.10 y anteriores, versión 6.3.23 y anteriores puede permitir que un atacante autenticado acceda a las contraseñas cifradas de otros administradores a través de la página de registros "Evento de acceso al registro".

12 Nov 2024, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-12 19:15

Updated : 2024-11-14 20:33

NVD link : CVE-2024-36509

Mitre link : CVE-2024-36509

CVE.ORG link : CVE-2024-36509

JSON object : View

Products Affected

fortinet

fortiweb

CWE

CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

{"id": "CVE-2024-36509", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 0.8}, {"type": "Secondary", "source": "psirt@fortinet.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 0.6}]}, "published": "2024-11-12T19:15:10.440", "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-180", "tags": ["Vendor Advisory"], "source": "psirt@fortinet.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@fortinet.com", "description": [{"lang": "en", "value": "CWE-497"}]}], "descriptions": [{"lang": "en", "value": "An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiWeb version 7.6.0, version 7.4.3 and below, version 7.2.10 and below, version 7.0.10 and below, version 6.3.23 and below may allow an authenticated attacker to access the encrypted passwords of other administrators via the \"Log Access Event\" logs page."}, {"lang": "es", "value": "Una exposici\u00f3n de informaci\u00f3n confidencial del sistema a una vulnerabilidad de esfera de control no autorizada [CWE-497] en FortiWeb versi\u00f3n 7.6.0, versi\u00f3n 7.4.3 y anteriores, versi\u00f3n 7.2.10 y anteriores, versi\u00f3n 7.0.10 y anteriores, versi\u00f3n 6.3.23 y anteriores puede permitir que un atacante autenticado acceda a las contrase\u00f1as cifradas de otros administradores a trav\u00e9s de la p\u00e1gina de registros \"Evento de acceso al registro\"."}], "lastModified": "2024-11-14T20:33:44.727", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B0C24E1-3735-4117-8FA1-FB20D23AED9F", "versionEndExcluding": "7.4.4", "versionStartIncluding": "6.3.0"}, {"criteria": "cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28B43375-DA74-4C5F-BAEE-39F312EEF51F"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@fortinet.com"}