An improper authentication in Fortinet FortiManager version 6.4.3 and below, 6.2.6 and below allows attacker to assign arbitrary Policy and Object modules via crafted requests to the request handler.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/advisory/FG-IR-20-189 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2021-09-30T15:21:03
Updated: 2024-08-03T19:14:10.063Z
Reserved: 2021-01-13T00:00:00
Link: CVE-2021-24017
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-09-30T16:15:07.410
Modified: 2021-10-08T03:12:18.733
Link: CVE-2021-24017
Redhat
No data.