An information disclosure vulnerability in Web Vulnerability Scan profile of Fortinet's FortiWeb version 6.2.x below 6.2.4 and version 6.3.x below 6.3.5 may allow a remote authenticated attacker to read the password used by the FortiWeb scanner to access the device defined in the scan profile.
References
Link | Resource |
---|---|
https://fortiguard.com/advisory/FG-IR-20-076 | Vendor Advisory |
https://www.fortiguard.com/psirt/FG-IR-20-076 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: fortinet
Published: 2021-04-12T14:11:25
Updated: 2021-04-12T14:11:25
Reserved: 2020-07-24T00:00:00
Link: CVE-2020-15942
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-04-12T15:15:14.000
Modified: 2022-06-28T14:11:45.273
Link: CVE-2020-15942
JSON object: View
Redhat Information
No data.
CWE