Security Advisory

CVE-2021-36177

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-02-02 10:54:47
Last updated 2024-10-22 21:01:29
Assigner fortinet
State PUBLISHED

Description

An improper access control vulnerability [CWE-284] in FortiAuthenticator HA service 6.3.2 and below, 6.2.x, 6.1.x, 6.0.x may allow an attacker on the same vlan as the HA management interface to make an unauthenticated direct connection to the FACs database.