Critical Infrastructure Sectors: Energy
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiOS version 7.2.0 up to and including 7.2.3 and prior to 7.0.10, FortiProxy version 7.2.0 up to and including 7.2.2 and prior to 7.0.8 administrative interface allows an attacker with a valid user account to perform brute-force attacks on other user accounts via injecting valid login sessions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortiproxy |
||
fortinet fortios |