CVE-2024-23107 Information

Description

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiWeb version 7.4.0 version 7.2.4 and below version 7.0.8 and below 6.3 all versions may allow an authenticated attacker to read password hashes of other administrators via CLI commands.

Reference

https://fortiguard.fortinet.com/psirt/FG-IR-23-191