Components Affected
Overview
Multiple vulnerabilities were identified in Fortinet products. Where an attacker could exploit the vulnerability by sending specially crafted requests to an affected system.
Description
Multiple vulnerabilities have been discovered in various Fortinet products, posing a significant security risk. An improper privilege management vulnerability [CWE-269] in a FortiOS & FortiProxy HA cluster may allow an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests and could execute unauthorized code or commands.
Impact
Solution/ Workarounds
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
Reference
Disclaimer
The information provided herein is on an “as is” basis, without warranty of any kind.