An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests.
CPE | Name | Operator | Version |
---|---|---|---|
fortios | eq | 7.4.0 | |
fortios | eq | 7.2.5 | |
fortios | eq | 7.4.1 | |
fortiproxy | eq | 7.4.0 | |
fortiproxy | eq | 7.4.1 |