CVE-2023-36633
CVSS V2 None
CVSS V3 None
Description
An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to see and modify the title of address book folders of other users via crafted HTTP or HTTPs requests.
Overview
- CVE ID
- CVE-2023-36633
- Assigner
- fortinet
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-11-14T18:07:46.082Z
- Last Modified Date
- 2023-11-14T18:07:46.082Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://fortiguard.com/psirt/FG-IR-23-203 |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-36633 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36633 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-25 16:44:32 | Added to TrackCVE |