Security Advisory

CVE-2021-26107

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-11-02 17:51:44
Last updated 2024-10-25 13:47:55
Assigner fortinet
State PUBLISHED

Description

An improper access control vulnerability [CWE-284] in FortiManager versions 6.4.4 and 6.4.5 may allow an authenticated attacker with a restricted user profile to modify the VPN tunnel status of other VDOMs using VPN Manager.