An improper access control vulnerability [CWE-284] in FortiIsolator versions 2.3.2 and below may allow an authenticated, non privileged attacker to regenerate the CA certificate via the regeneration URL.
CPE | Name | Operator | Version |
---|---|---|---|
fortiisolator | ge | 2.3.0 | |
fortiisolator | lt | 2.3.3 |