vulnerability
Fortinet FortiManager: Insufficient Verification of Data Authenticity (CVE-2019-17654)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Mar 15, 2020 | Jul 26, 2021 | Jul 26, 2021 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Mar 15, 2020
Added
Jul 26, 2021
Modified
Jul 26, 2021
Description
An Insufficient Verification of Data Authenticity vulnerability in FortiManager 6.2.1, 6.2.0, 6.0.6 and below may allow an unauthenticated attacker to perform a Cross-Site WebSocket Hijacking (CSWSH) attack.
Solutions
fortinet-fortimanager-upgrade-6_0_6fortinet-fortimanager-upgrade-6_0_7
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.