CVE-2017-14189

An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can access the admin webUI to successfully…

fortinet·CWE-521·Published 2017-11-29

CVSS

—

EPSS

0.03

KEV

Exploits

cve.orgen

177 chars

An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can access the admin webUI to successfully log-in regardless the provided password.

NVDen

177 chars

An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can access the admin webUI to successfully log-in regardless the provided password.

NVDes

256 chars

Una vulnerabilidad de control de acceso incorrecto en Fortinet FortiWebManager 5.8.0 permite que cualquiera que pueda acceder a la interfaz de usuario web de administrador pueda iniciar sesión correctamente, independientemente de la contraseña introducida.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	10.0	10.0	10.0	AV:N/AC:L/Au:N/C:C/I:C/A:C
3.0	Primary	NVD	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H