An unauthorized configuration download vulnerability in FortiWeb 6.3.6 through 6.3.21, 6.4.0 through 6.4.2 and 7.0.0 through 7.0.4 may allow a local attacker to access confidential configuration files via a crafted http request.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Fortiweb | Fortinet | 6.3.6 (including) | 6.3.21 (including) |
Fortiweb | Fortinet | 6.4.0 (including) | 6.4.2 (including) |
Fortiweb | Fortinet | 7.0.0 (including) | 7.0.4 (including) |