CyberSec.Space Logo
返回 CVE 浏览器

CVE-2021-43076

MEDIUM
6.3
CVSS Severity Score
EPSS Score0.1830%
EPSS Percentile17.55th
Published2022年9月6日
Last Modified2024年11月21日

Vulnerability Description

An improper privilege management vulnerability [CWE-269] in FortiADC versions 6.2.1 and below, 6.1.5 and below, 6.0.4 and below, 5.4.5 and below and 5.3.7 and below may allow a remote authenticated attacker with restricted user profile to modify the system files using the shell access.

Affected Platforms (CPE)

📦
Fortinet

Fortiadc

>= 5.3.0 and <= 5.3.7
📦
Fortinet

Fortiadc

>= 5.4.0 and <= 5.4.5
📦
Fortinet

Fortiadc

>= 6.0.0 and <= 6.0.4
📦
Fortinet

Fortiadc

>= 6.1.0 and <= 6.1.5
📦
Fortinet

Fortiadc

= 6.2.0
📦
Fortinet

Fortiadc

= 6.2.1

References & Advisories

🔗 https://fortiguard.com/psirt/FG-IR-21-215
🔗 https://fortiguard.com/psirt/FG-IR-21-215

相关漏洞威胁

CVE-2020-92866.5

An improper authorization vulnerability in FortiADC may allow a remote authenticated user with low privileges to perform certain a...

CVE-2014-85826.4

FortiNet FortiADC-E with firmware 3.1.1 before 4.0.5 and Coyote Point Equalizer with firmware 10.2.0a allows remote attackers to o...

CVE-2020-66475.4

An improper neutralization of input vulnerability in the dashboard of FortiADC may allow an authenticated attacker to perform a cr...

CVE-2019-66995.4

An improper neutralization of input vulnerability in Fortinet FortiADC 5.3.3 and earlier may allow an attacker to execute a stored...