CVE-2023-36556 (fortimail) | allinfosecnews.com

Oct. 10, 2023, 5:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

An incorrect authorization vulnerability [CWE-863] in FortiMail webmail version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.5 and below 6.4.7 allows an authenticated attacker to login on other users accounts from the same web domain via crafted HTTP or HTTPs requests.

accounts attacker authorization cve cwe domain http https login requests version vulnerability web webmail

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months ago | web.nvd.nist.gov

attackers cve denial of service issue +1

CVE-2023-40101 (android) 6 months ago | web.nvd.nist.gov

android check collapse cve +7

CVE-2023-21377 (android) 6 months ago | web.nvd.nist.gov

android bypass cve disclosure +8

CVE-2023-21380 (android) 6 months ago | web.nvd.nist.gov

android bluetooth buffer buffer overflow +9

CVE-2023-21382 (android) 6 months ago | web.nvd.nist.gov

access android check cve +11

CVE-2023-21381 (android) 6 months ago | web.nvd.nist.gov

android arbitrary code code code execution +10

CVE-2023-21385 (android) 6 months ago | web.nvd.nist.gov

android corruption cve disclosure +7

CVE-2023-21387 (android) 6 months ago | web.nvd.nist.gov

android backup bypass cve +11

CVE-2023-21389 (android) 6 months ago | web.nvd.nist.gov

android bypass check cve +10

Sr. Cloud Security Engineer

@ BLOCKCHAINS | USA - Remote

View on infosec-jobs.com

Network Security (SDWAN: Velocloud) Infrastructure Lead

@ Sopra Steria | Noida, Uttar Pradesh, India

View on infosec-jobs.com

Senior Python Engineer, Cloud Security

@ Darktrace | Cambridge

View on infosec-jobs.com

Senior Security Consultant

@ Nokia | United States

View on infosec-jobs.com

Manager, Threat Operations

@ Ivanti | United States, Remote

View on infosec-jobs.com

Lead Cybersecurity Architect - Threat Modeling | AWS Cloud Security

@ JPMorgan Chase & Co. | Columbus, OH, United States

View on infosec-jobs.com