We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2018-1354



Description

An improper access control vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows a regular user edit the avatar picture of other users with arbitrary content.

Reserved 2017-12-11 | Published 2018-06-27 | Updated 2024-10-25 | Assigner fortinet

Problem types

Improper Access Control

Product status

FortiManager 6.0.0, 5.6.5 and below versions
affected

FortiAnalyzer 6.0.0, 5.6.5 and below versions
affected

References

www.securitytracker.com/id/1041183 (1041183) vdb-entry

fortiguard.com/advisory/FG-IR-18-014

www.securitytracker.com/id/1041182 (1041182) vdb-entry

www.securityfocus.com/bid/104537 (104537) vdb-entry

cve.org (CVE-2018-1354)

nvd.nist.gov (CVE-2018-1354)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2018-1354

Support options

Helpdesk Chat, Email, Knowledgebase