01642 06 11 11 Arrange Call

Arbitrary Module Assignment Vulnerability in Fortinet FortiManager

CVE-2021-24017 · MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CVE-2021-24017

An improper authentication in Fortinet FortiManager version 6.4.3 and below, 6.2.6 and below allows attacker to assign arbitrary Policy and Object modules via crafted requests to the request handler.

Learn more about our Cis Benchmark Audit For Fortinet.