CVE-2024-23670 | Fortinet FortiWebManager up to 7.2.0 HTTP Request improper authorization (FG-IR-23-222)
A vulnerability was found in Fortinet FortiWebManager up to 6.0.2/6.2.4/6.3.0/7.0.4/7.2.0. It has been declared as critical. The affected element is an unknown function of the component HTTP Request Handler. Such manipulation leads to improper authorization.
This vulnerability is listed as CVE-2024-23670. The attack must be carried out locally. There is no available exploit.
It is recommended to upgrade the affected component.