Unrated severityNVD Advisory· Published May 4, 2022· Updated Oct 22, 2024
CVE-2021-41032
CVE-2021-41032
Description
An improper access control vulnerability [CWE-284] in FortiOS versions 6.4.8 and prior and 7.0.3 and prior may allow an authenticated attacker with a restricted user profile to gather sensitive information and modify the SSL-VPN tunnel status of other VDOMs using specific CLI commands.
Affected products
2Patches
Vulnerability mechanics
References
1- fortiguard.com/psirt/FG-IR-21-147mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.