3 matches found
CVE-2021-41032
An improper access control vulnerability CWE-284 in FortiOS versions 6.4.8 and prior and 7.0.3 and prior may allow an authenticated attacker with a restricted user profile to gather sensitive information and modify the SSL-VPN tunnel status of other VDOMs using specific CLI commands...
CVE-2021-41032
CVE-2021-41032 is an improper access control vulnerability in FortiOS where an authenticated user with a restricted profile can gather sensitive information and modify the SSL-VPN tunnel state of other VDOMs via specific CLI commands. Affected products are FortiOS 6.4.8 and prior and 7.0.3 and pr...
Vulnerabilities fixed in FortiOS
Vulnerabilities have been fixed in FortiOS. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Remote code execution User Rights Access to sensitive data Access to system data Fortinet has released updates to...