A URL redirection to untrusted site ('open redirect') vulnerability in Fortinet FortiWeb versions 6.4.1 and 6.4.0, versions 6.3.15 and below, and versions 6.2.6 and below allows an attacker to use the device as a proxy and reach external or protected hosts via redirection handlers.
References
Link | Providers |
---|---|
https://fortiguard.com/advisory/FG-IR-21-168 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2021-12-08T12:33:18
Updated: 2024-08-04T03:47:13.307Z
Reserved: 2021-10-28T00:00:00
Link: CVE-2021-43064
Vulnrichment
No data.
NVD
Status: Analyzed
Published: 2021-12-08T13:15:08.073
Modified: 2021-12-09T19:17:09.680
Link: CVE-2021-43064
Redhat
No data.