CVE-2020-9294
N/A
N/A
Summary
An improper authentication vulnerability in FortiMail 5.4.10, 6.0.7, 6.2.2 and earlier and FortiVoiceEntreprise 6.0.0 and 6.0.1 may allow a remote unauthenticated attacker to access the system as a legitimate user by requesting a password change via the user interface.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Fortinet | FortiMail | 5.4.10 | affected |
| Fortinet | FortiMail | 6.0.7 | affected |
| Fortinet | FortiMail | 6.2.2 and earlier | affected |
| Fortinet | FortiVoiceEnterprise | 6.0.0 | affected |
| Fortinet | FortiVoiceEnterprise | 6.0.1 | affected |
Weaknesses
- Improper Access Control
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.