An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connection functionality.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/advisory/FG-IR-20-235 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2021-03-04T17:27:43
Updated: 2024-08-03T18:30:24.008Z
Reserved: 2021-01-04T00:00:00
Link: CVE-2021-22128
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-03-04T18:15:13.130
Modified: 2022-07-12T17:42:04.277
Link: CVE-2021-22128
Redhat
No data.