Vulnerabilities > CVE-2024-36511 - Unspecified vulnerability in Fortinet Fortiadc

CVSS 3.7 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

high complexity

fortinet

NVD

Published: 2024-09-10

Updated: 2024-09-20

Summary

An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web Application Firewall (WAF) 7.4.0 through 7.4.4, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions when cookie security policy is enabled may allow an attacker, under specific conditions, to retrieve the initial encrypted and signed cookie protected by the feature

Vulnerable Configurations

Part	Description	Count
Application	Fortinet Fortinet Fortiadc 6.0.0 Fortinet Fortiadc 6.0.1 Fortinet Fortiadc 6.0.2 Fortinet Fortiadc 6.0.3 Fortinet Fortiadc 6.0.4 Fortinet Fortiadc 6.1.0 Fortinet Fortiadc 6.1.1 Fortinet Fortiadc 6.1.2 Fortinet Fortiadc 6.1.3 Fortinet Fortiadc 6.1.4 Fortinet Fortiadc 6.1.5 Fortinet Fortiadc 6.1.6 Fortinet Fortiadc 6.2.0 Fortinet Fortiadc 6.2.1 Fortinet Fortiadc 6.2.2 Fortinet Fortiadc 6.2.3 Fortinet Fortiadc 6.2.4 Fortinet Fortiadc 6.2.5 Fortinet Fortiadc 6.2.6 Fortinet Fortiadc 7.0.0 Fortinet Fortiadc 7.0.1 Fortinet Fortiadc 7.0.2 Fortinet Fortiadc 7.0.3 Fortinet Fortiadc 7.0.4 Fortinet Fortiadc 7.0.5 Fortinet Fortiadc 7.1.0 Fortinet Fortiadc 7.1.1 Fortinet Fortiadc 7.1.2 Fortinet Fortiadc 7.1.3 Fortinet Fortiadc 7.1.4 Fortinet Fortiadc 7.2.0 Fortinet Fortiadc 7.2.1 Fortinet Fortiadc 7.2.2 Fortinet Fortiadc 7.2.3 Fortinet Fortiadc 7.2.4 Fortinet Fortiadc 7.2.5 Fortinet Fortiadc 7.2.6 Fortinet Fortiadc 7.2.7 Fortinet Fortiadc 7.4.0 Fortinet Fortiadc 7.4.1 Fortinet Fortiadc 7.4.2 Fortinet Fortiadc 7.4.3 Fortinet Fortiadc 7.4.4	47

References

https://fortiguard.fortinet.com/psirt/FG-IR-22-256