A lack of custom error pages vulnerability [CWE-756] in FortiPresence versions 1.2.0 through 1.2.1 and all versions of 1.1 and 1.0 may allow an unauthenticated attacker with the ability to navigate to the login GUI to gain sensitive information via navigating to specific HTTP(s) paths.
References
Link | Resource |
---|---|
https://fortiguard.com/psirt/FG-IR-22-288 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: fortinet
Published: 2023-09-13T12:29:15.591Z
Updated: 2023-09-13T12:29:15.591Z
Reserved: 2023-03-09T10:09:33.120Z
Link: CVE-2023-27998
JSON object: View
NVD Information
Status : Modified
Published: 2023-09-13T13:15:08.200
Modified: 2023-11-07T04:10:22.310
Link: CVE-2023-27998
JSON object: View
Redhat Information
No data.