How severe is CVE-2024-36511?

This vulnerability has a severity rating of LOW with a CVSS score of 3.7 out of 10.

What type of vulnerability is CVE-2024-36511?

This is classified as CWE-358, which is a common weakness in software security.

CVE-2024-36511 - LOW Severity | CVSS 3.7

Vulnerability Description

An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web Application Firewall (WAF) 7.4.0 through 7.4.4, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions when cookie security policy is enabled may allow an attacker, under specific conditions, to retrieve the initial encrypted and signed cookie protected by the feature

Related Vulnerabilities

CVE-2020-25684

LOW

CVSS:3.7(Low)

A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending...

CWE-3582020

CVE-2020-25686

LOW

CVSS:3.7(Low)

A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 1...

CWE-3582020

CVE-2021-3448

MEDIUM

CVSS:4.0(Medium)

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the netw...

CWE-3582021

CVE-2017-2604

MEDIUM

CVSS:4.3(Medium)

In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).

CWE-3582017

CVE-2017-2611

MEDIUM

CVSS:4.3(Medium)

Jenkins before versions 2.44, 2.32.2 is vulnerable to an insufficient permission check for periodic processes (SECURITY-389). The URLs /workspaceCleanup and /fingerprintCleanup did not perform permiss...

CWE-3582017

CVE-2020-10743

MEDIUM

CVSS:4.3(Medium)

It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. This flaw allows an attacker to...

CWE-3582020