An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web Application Firewall (WAF) 7.4.0 through 7.4.4, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions when cookie security policy is enabled may allow an attacker, under specific conditions, to retrieve the initial encrypted and signed cookie protected by the feature
References
Link | Resource |
---|---|
https://fortiguard.fortinet.com/psirt/FG-IR-22-256 | Vendor Advisory |
Configurations
History
20 Sep 2024, 19:43
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
First Time |
Fortinet
Fortinet fortiadc |
|
CPE | cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:* | |
References | () https://fortiguard.fortinet.com/psirt/FG-IR-22-256 - Vendor Advisory | |
Summary |
|
10 Sep 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-10 15:15
Updated : 2024-09-20 19:43
NVD link : CVE-2024-36511
Mitre link : CVE-2024-36511
CVE.ORG link : CVE-2024-36511
JSON object : View
Products Affected
fortinet
- fortiadc
CWE