Lucene search
FortiGuard LabsFG-IR-20-189HistorySep 07, 2021 - 12:00 a.m.
FortiManager - Access Control missing in P&O module assignment vulnerability
2021-09-0700:00:00
FortiGuard Labs
www.fortiguard.com
17
fortimanager
access control
vulnerability
authentication
global policy package
EPSS
0.001
Percentile
22.7%
An improper authentication vulnerability [CWE-287] in FortiManager may allow a standard user to assign or un-assign a global policy package via a POST request to flatui/json module.
Related
cve
cve
CVE-2021-24017
2021-09-30 16:15:07
cvelist
cvelist
CVE-2021-24017
2021-09-30 15:21:03
prion
prion
Authentication flaw
2021-09-30 16:15:00
cnvd
cnvd
Fortinet FortiManager Licensing Issue Vulnerability
2021-09-09 00:00:00
nvd
nvd
CVE-2021-24017
2021-09-30 16:15:07