ID CVE-2020-6641
Summary Two authorization bypass through user-controlled key vulnerabilities in the Fortinet FortiPresence 2.1.0 administration interface may allow an attacker to gain access to some user data via portal manager or portal users parameters.
References
Vulnerable Configurations
  • cpe:2.3:a:fortinet:fortipresence:-:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortipresence:-:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortipresence:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortipresence:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortipresence:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortipresence:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortipresence:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortipresence:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortipresence:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortipresence:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortipresence:2.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortipresence:2.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fortinet:fortipresence:4.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:fortinet:fortipresence:4.3.0:*:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 10-06-2021 - 19:21)
Impact:
Exploitability:
CWE CWE-863
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:S/C:P/I:N/A:N
Last major update 10-06-2021 - 19:21
Published 02-06-2021 - 11:15
Last modified 10-06-2021 - 19:21
Back to Top