CVE-2019-15707

Summary

An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for.

Affected Software

VendorProductVersion RangeStatus
n/aFortinet FortiMailFortiMail 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and belowaffected

Weaknesses

  • Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References