CVE-2021-43065

CWE-732Incorrect Permission Assignment3 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 65.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Fortinet FortinacFortinet Fortinet Fortinac
Timeline
PublishedDec 9

Description

A incorrect permission assignment for critical resource in Fortinet FortiNAC version 9.2.0, version 9.1.3 and below, version 8.8.9 and below allows attacker to gain higher privileges via the access to sensitive system data.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDfortinet/fortinac8.8.08.8.10+2
CVEListV5fortinet/fortinet_fortinacFortiNAC 9.2.0, 9.1.3, 9.1.2, 9.1.1, 9.1.0, 8.8.9, 8.8.8, 8.8.7, 8.8.6, 8.8.5, 8.8.4, 8.8.3, 8.8.2, 8.8.1, 8.8.0

🔴Vulnerability Details

1
CVEList
CVE-2021-43065: A incorrect permission assignment for critical resource in Fortinet FortiNAC version 92021-12-09

📋Vendor Advisories

1
Fortinet
A incorrect permission assignment for critical resource in Fortinet FortiNAC version 9.2.0, version 9.1.3 and below, ver...2021-12-09
CVE-2021-43065 (HIGH CVSS 7.8) | A incorrect permission assignment f | cvebase.io