Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
Vulnerability Type
N/A
Vulnerability Title
Fortinet FortiMail和FortiClient 数据伪造问题漏洞
Vulnerability Description
Fortinet FortiMail和FortiClient都是美国飞塔(Fortinet)公司的产品。FortiMail是一套电子邮件安全网关产品。该产品提供电子邮件安全防护和数据保护等功能。FortiClient是一种结构代理。用于在单个模块化轻量级客户端中提供保护、合规性和安全访问。 Fortinet FortiMail和FortiClient 6.2.168版本及之前版本、6.4.274版本及之前版本存在安全漏洞,该漏洞源于数据真实性验证不足。
CVSS Information
N/A
Vulnerability Type
N/A