Unintended Proxy Vulnerability in Fortinet FortiWeb Affecting Multiple Versions
CVE-2021-36190
5.5MEDIUM
What is CVE-2021-36190?
The vulnerability in Fortinet FortiWeb arises from an unintended proxy or intermediary issue, allowing unauthenticated attackers to exploit crafted HTTP requests to access protected hosts. This flaw affects multiple versions of the FortiWeb product, potentially exposing sensitive data and systems to unauthorized access. Organizations using affected versions must assess their security posture and implement the necessary updates to mitigate risks.
Affected Version(s)
Fortinet FortiWeb FortiWeb 6.4.1, 6.4.0, 6.3.15, 6.3.14, 6.3.13, 6.3.12, 6.3.11, 6.3.10, 6.3.9, 6.3.8, 6.3.7, 6.3.6, 6.3.5, 6.3.4, 6.3.3, 6.3.2, 6.3.1, 6.3.0, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.1.2, 6.1.1, 6.1.0, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0