Lucene search

FortinetCVELIST:CVE-2021-24011

HistoryMay 10, 2021 - 11:43 a.m.

CVE-2021-24011

2021-05-1011:43:18

fortinet

www.cve.org

fortinac

privilege escalation

admin user

root

sudo privileges

CVSS3

6.3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

EPSS

0.001

Percentile

42.8%

JSON

A privilege escalation vulnerability in FortiNAC version below 8.8.2 may allow an admin user to escalate the privileges to root by abusing the sudo privileges.

CNA Affected

[
  {
    "product": "Fortinet FortiNAC",
    "vendor": "Fortinet",
    "versions": [
      {
        "status": "affected",
        "version": "FortiNAC 8.8.1 and below"
      }
    ]
  }
]

References

fortiguard.com/advisory/FG-IR-20-038

CVSS3

6.3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

EPSS

0.001

Percentile

42.8%

JSON

Related for CVELIST:CVE-2021-24011