A unverified password change in Fortinet FortiADC version 6.2.0 up to and including 6.2.3, 6.1.x, 6.0.x, 5.x.x allows an authenticated malicious user to bypass the Old Password check in the password change form via a crafted HTTP request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortiadc |