Security Advisory

CVE-2021-41032

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-05-04 15:25:15
Last updated 2024-10-22 20:57:47
Assigner fortinet
State PUBLISHED

Description

An improper access control vulnerability [CWE-284] in FortiOS versions 6.4.8 and prior and 7.0.3 and prior may allow an authenticated attacker with a restricted user profile to gather sensitive information and modify the SSL-VPN tunnel status of other VDOMs using specific CLI commands.