Vulnerability Database

308,485

Total vulnerabilities in the database

CVE-2017-7337

An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to interact with unauthorized VDOMs or enumerate other ADOMs via another user's stolen session and CSRF tokens or the adomName parameter in the /fpc/sec/customer/policy/getAdomVersion request.

Published: May 27, 2017
Updated: Nov 9, 2025
CVE: CVE-2017-7337
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:N

CWEs:

CWE-732

Affected Software
References

Software	From	Fixed in
fortinet / fortiportal	-	4.0.0.x

https://fortiguard.com/psirt/FG-IR-17-114

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo