CVE-2024-36511
LOWDescription
An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web Application Firewall (WAF) 7.4.0 through 7.4.4, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions when cookie security policy is enabled may allow an attacker, under specific conditions, to retrieve the initial encrypted and signed cookie protected by the feature
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| fortinet | fortiadc |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-36511? +
How severe is CVE-2024-36511? +
What products are affected by CVE-2024-36511? +
How do I check if I'm vulnerable to CVE-2024-36511? +
Related Vulnerabilities
Backpropagate is a Python library for fine-tuning large language models on a single GPU. In versions 1.1.0 and 1.1.1, the …
DVP80ES3 with Improperly Implemented Security Check for Standard vulnerability.
Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.28.1 and below, given any pre-existing XSS / …
In liboauth2 the Demonstrating Proof-of-Possession (DPoP) verifier accepts a proof whose JSON Web Key (jwk) header contains private key material. …
The Client secret is not checked when using the OAuth Password grant type. By exploiting this vulnerability, an attacker could …
Whale Browser before 4.33.325.17 allows an attacker to escape the iframe sandbox in a dual-tab environment.