A unintended proxy or intermediary ('confused deputy') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows an unauthenticated attacker to access protected hosts via crafted HTTP requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/advisory/FG-IR-21-123 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2021-12-08T13:11:05
Updated: 2024-08-04T00:54:50.147Z
Reserved: 2021-07-06T00:00:00
Link: CVE-2021-36190
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-12-08T14:15:09.527
Modified: 2023-08-08T14:21:49.707
Link: CVE-2021-36190
Redhat
No data.