VYPR
Unrated severityNVD Advisory· Published Sep 6, 2021· Updated Oct 25, 2024

CVE-2021-24006

CVE-2021-24006

Description

An improper access control vulnerability in FortiManager versions 6.4.0 to 6.4.3 may allow an authenticated attacker with a restricted user profile to access the SD-WAN Orchestrator panel via directly visiting its URL.

Affected products

2
  • Fortinet/Fortimanagerllm-fuzzy2 versions
    6.4.0 – 6.4.3+ 1 more
    • (no CPE)range: 6.4.0 – 6.4.3
    • (no CPE)range: FortiManager 6.4.0 to 6.4.3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.