Unrated severityNVD Advisory· Published Sep 6, 2021· Updated Oct 25, 2024
CVE-2021-24006
CVE-2021-24006
Description
An improper access control vulnerability in FortiManager versions 6.4.0 to 6.4.3 may allow an authenticated attacker with a restricted user profile to access the SD-WAN Orchestrator panel via directly visiting its URL.
Affected products
26.4.0 – 6.4.3+ 1 more
- (no CPE)range: 6.4.0 – 6.4.3
- (no CPE)range: FortiManager 6.4.0 to 6.4.3
Patches
Vulnerability mechanics
References
1- fortiguard.com/advisory/FG-IR-20-061mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.