Improper Access Control Vulnerability in FortiMail Admin WebUI

Improper Access Control Vulnerability in FortiMail Admin WebUI

CVE-2019-15707 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

An improper access control vulnerability in FortiMail admin webUI 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below may allow administrators to perform system backup config download they should not be authorized for.

Learn more about our Web App Pen Testing.