Fortinet FortiWeb Incorrect User Management Vulnerability Allowing Dashboard Manipulation

Vulnerability

An incorrect user management vulnerability has been identified in Fortinet FortiWeb versions 7.6.2 and prior, 7.4.6 and prior, 7.2.10 and prior, and 7.0.11 and prior. This vulnerability may enable an authenticated attacker with at least read-only admin rights to manipulate the dashboards of other administrators by sending crafted requests.

Impact

Exploitation of this vulnerability could lead to unauthorized modifications to the dashboards of other administrators, potentially disrupting management activities or obscuring important information.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM