CVE-2021-24011

CWE-269Improper Privilege Management4 documents4 sources
Severity
7.2HIGH
EPSS
0.4%
top 40.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Fortinet FortinacFortinet Fortinet Fortinac
Timeline
PublishedMay 10
Latest updateMay 24

Description

A privilege escalation vulnerability in FortiNAC version below 8.8.2 may allow an admin user to escalate the privileges to root by abusing the sudo privileges.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LExploitability: 2.8 | Impact: 3.4

Affected Packages2 packages

NVDfortinet/fortinac< 8.8.2
CVEListV5fortinet/fortinet_fortinacFortiNAC 8.8.1 and below

🔴Vulnerability Details

2
GHSA
GHSA-m4cm-3mg6-8x6j: A privilege escalation vulnerability in FortiNAC version below 82022-05-24
CVEList
CVE-2021-24011: A privilege escalation vulnerability in FortiNAC version below 82021-05-10

📋Vendor Advisories

1
Fortinet
A privilege escalation vulnerability in FortiNAC version below 8.8.2 may allow an admin user to escalate the privileges...2021-05-10
CVE-2021-24011 (HIGH CVSS 7.2) | A privilege escalation vulnerabilit | cvebase.io