all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Client-side enforcement of server-side security related to customer reports features

Add to bookmarks
May 14, 2024, 7 a.m. |

FortiGuard Labs | FortiGuard Center - IR Advisories fortiguard.fortinet.com

Client-side enforcement of server-side security vulnerability [CWE-602] in FortiPortal may allow an authenticated attacker with a customer account to access other customers information via crafted HTTP requests.

access account attacker client client-side customer customers cwe enforcement features http http requests information may reports requests security security vulnerability server vulnerability

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - IR Advisories

FortiOS/FortiProxy - XSS in reboot page 6 days, 19 hours ago | fortiguard.fortinet.com
access admin attacker code +18
Stack buffer overflow on bluetooth write feature 6 days, 19 hours ago | fortiguard.fortinet.com
arbitrary code arbitrary code execution attacker bluetooth +14
Blind SQL Injection 6 days, 19 hours ago | fortiguard.fortinet.com
blind command cwe download +8
Buffer overflow in fgfmd 6 days, 19 hours ago | fortiguard.fortinet.com
arbitrary code attacker buffer buffer overflow +15
FortiSOAR is vulnerable to sql injection in Event Auth API via uuid parameter 6 days, 19 hours ago | fortiguard.fortinet.com
api attacker auth code +14
Multiple buffer overflows in diag npu command 6 days, 19 hours ago | fortiguard.fortinet.com
attacker buffer buffer overflow buffer overflows +14
TunnelVision - CVE-2024-3661 6 days, 19 hours ago | fortiguard.fortinet.com
attack attacker aware bypass +18
Weak key derivation for backup file 6 days, 19 hours ago | fortiguard.fortinet.com
access admin attacker backup +14
Buffer overflow in administrative interface 1 month ago | fortiguard.fortinet.com
arbitrary code attacker buffer buffer overflow +13

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Technology Specialist I, LACERA: Information Security Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA
View on infosec-jobs.com

Security Compliance Manager

@ Aptiv | USA Boston Software Office 100 Northern - Eng
View on infosec-jobs.com

Senior Radar Threat Analyst | Secret clearance

@ Northern Trust | USA CA Point Mugu - 575 I Ave, Bldg 3015 (CAC212)
View on infosec-jobs.com

Space Information Systems Security Engineer (ISSE)

@ Parsons Corporation | USA VA Chantilly (Client Site)
View on infosec-jobs.com

Information Systems Security Manager -Journeyman

@ Parsons Corporation | USA CO Colorado Springs (5450 Tech Center Drive)
View on infosec-jobs.com

Information Systems Security Officer (ISSO) II

@ Northern Trust | USA CA Riverside - Customer Proprietary (CAC225)
View on infosec-jobs.com