CVE-2021-41020
published 2022-05-04CVE-2021-41020: An improper access control vulnerability [CWE-284] in FortiIsolator versions 2.3.2 and below may allow an authenticated, non privileged attacker to regenerate…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
An improper access control vulnerability [CWE-284] in FortiIsolator versions 2.3.2 and below may allow an authenticated, non privileged attacker to regenerate the CA certificate via the regeneration URL.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortiisolator | — | — |
| fortinet | fortiisolator | >= 2.3.0 < 2.3.3 | 2.3.3 |
| fortinet | fortinet_fortiisolator | — | — |