An Improper Access Control vulnerability in Fortinet FortiWeb 5.6.0 up to but not including 6.1.0 under "Signed Security Mode", allows attacker to bypass the signed user cookie protection by removing the FortiWeb own protection session cookie.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2018-03-20T13:00:00Z
Updated: 2024-09-16T19:00:31.333Z
Reserved: 2017-09-07T00:00:00
Link: CVE-2017-14191
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-03-20T13:29:00.247
Modified: 2019-10-03T00:03:26.223
Link: CVE-2017-14191
Redhat
No data.