- Get link
- X
- Other Apps
Cybersecurity specialists have revealed the discovery of multiple vulnerabilities in Fortinet FortiADC; the severity of these failures varies, as well as potential exploitation scenarios.
Below is a brief profile of each of the discovered faults, with their respective Common Vulnerability Scoring System (CVSS) key.
CVE-2020-9286: This is an existing vulnerability in the affected product that exists due to inadequate access restriction, exploiting it would allow a remote threat actor to scale privileges on the target system and perform various tasks, such as restarting the device abruptly.
CVE-2020-6647: This flaw would allow remote attackers to perform cross-site scripting (XSS) attacks and exist due to insufficient disinfection of user input within the FortiADC dashboard. A remote hacker could trick a user into following a specially designed link and executes arbitrary HTML and script code in the context of an insecure website.
Comments
Post a Comment