Unrated severityNVD Advisory· Published Mar 4, 2021· Updated Oct 25, 2024
CVE-2021-22128
CVE-2021-22128
Description
An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connection functionality.
Affected products
22.0.0, <=1.2.9+ 1 more
- (no CPE)range: 2.0.0, <=1.2.9
- (no CPE)range: FortiProxy 2.0.0, 1.2.9 and below
Patches
Vulnerability mechanics
References
1- fortiguard.com/advisory/FG-IR-20-235mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.