CVE-2013-4604

MEDIUM

Fortinet FortiOS before 5.0.3 on FortiGate devices does not properly restrict Guest capabilities, which allows remote authenticated users to read, modify, or delete the records of arbitrary users by leveraging the Guest role.

CVSS v2.0 Score

6.5

/ 10.0

MEDIUM

AV:N/AC:L/Au:S/C:P/I:P/A:P

Information

Published: 25 juin 2013
Updated: 29 avr. 2026
Status: Modified
Source: cve@mitre.org

Affected products

fortinet fortiosAll Fortinet FortiOS CVEs →

Versions : 5.0.2, 5.0.1

Weaknesses (CWE)

CWE-264

References (2)

http://www.fortiguard.com/advisory/FGA-2013-20/
http://www.fortiguard.com/advisory/FGA-2013-20/

Similar CVEs

Other vulnerabilities of type CWE-264

Loading…

Monitor your products

Get automatic alerts for every new CVE affecting your equipment.

Enable monitoring