CVE

CVE-2017-14191

admin

CVE-2017-14191

An Improper Access Control vulnerability in Fortinet FortiWeb 5.6.0 and above under "Signed Security Mode", allows attacker to bypass the signed user cookie protection by removing the FortiWeb own protection session cookie. A fix is scheduled in upcoming FortiWeb v6.1.0.

Source: CVE-2017-14191

Exit mobile version