CVE-2024-46671

MEDIUM Year: 2024
CVSS v3 Score
6.2
Medium
Weakness Type
CWE-286
View all →

Vulnerability Description

An Incorrect User Management vulnerability [CWE-286] in FortiWeb version 7.6.2 and below, version 7.4.6 and below, version 7.2.10 and below, version 7.0.11 and below widgets dashboard may allow an authenticated attacker with at least read-only admin permission to perform operations on the dashboard of other administrators via crafted requests.

Related Vulnerabilities

CVE-2023-3932

MEDIUM
CVSS:6.5(Medium)

An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was...

CWE-2862023

CVE-2024-45425

MEDIUM
CVSS:6.5(Medium)

Incorrect user management in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access.

CWE-2862024

CVE-2024-27269

MEDIUM
CVSS:6.8(Medium)

IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants. IBM X-Force ID: 284575.

CWE-2862024

CVE-2023-20253

MEDIUM
CVSS:5.5(Medium)

A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and allow the attacker to roll bac...

CWE-2862023

CVE-2023-3914

MEDIUM
CVSS:5.3(Medium)

A business logic error in GitLab EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows access to internal projects. A service account is not deleted when a n...

CWE-2862023

CVE-2024-29296

MEDIUM
CVSS:5.3(Medium)

A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user t...

CWE-2862024