CyberSec.Space Logo
Back to CVE Browser

CVE-2021-43076

MEDIUM
6.3
CVSS Severity Score
EPSS Score0.1830%
EPSS Percentile17.55th
PublishedSep 6, 2022
Last ModifiedNov 21, 2024

Vulnerability Description

An improper privilege management vulnerability [CWE-269] in FortiADC versions 6.2.1 and below, 6.1.5 and below, 6.0.4 and below, 5.4.5 and below and 5.3.7 and below may allow a remote authenticated attacker with restricted user profile to modify the system files using the shell access.

Affected Platforms (CPE)

πŸ“¦
Fortinet

Fortiadc

>= 5.3.0 and <= 5.3.7
πŸ“¦
Fortinet

Fortiadc

>= 5.4.0 and <= 5.4.5
πŸ“¦
Fortinet

Fortiadc

>= 6.0.0 and <= 6.0.4
πŸ“¦
Fortinet

Fortiadc

>= 6.1.0 and <= 6.1.5
πŸ“¦
Fortinet

Fortiadc

= 6.2.0
πŸ“¦
Fortinet

Fortiadc

= 6.2.1

References & Advisories

πŸ”— https://fortiguard.com/psirt/FG-IR-21-215
πŸ”— https://fortiguard.com/psirt/FG-IR-21-215

Related Vulnerabilities

CVE-2020-92866.5

An improper authorization vulnerability in FortiADC may allow a remote authenticated user with low privileges to perform certain a...

CVE-2014-85826.4

FortiNet FortiADC-E with firmware 3.1.1 before 4.0.5 and Coyote Point Equalizer with firmware 10.2.0a allows remote attackers to o...

CVE-2020-66475.4

An improper neutralization of input vulnerability in the dashboard of FortiADC may allow an authenticated attacker to perform a cr...

CVE-2019-66995.4

An improper neutralization of input vulnerability in Fortinet FortiADC 5.3.3 and earlier may allow an attacker to execute a stored...