A lack of custom error pages vulnerability [CWE-756] in FortiPresence versions 1.2.0 through 1.2.1 and all versions of 1.1 and 1.0 may allow an unauthenticated attacker with the ability to navigate to the login GUI to gain sensitive information via navigating to specific HTTP(s) paths.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-288 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-09-13T12:29:15.591Z
Updated: 2024-08-02T12:23:30.828Z
Reserved: 2023-03-09T10:09:33.120Z
Link: CVE-2023-27998
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-09-13T13:15:08.200
Modified: 2023-11-07T04:10:22.310
Link: CVE-2023-27998
Redhat
No data.