Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3.1.4 and below may allow an authenticated, unprivileged attacker to download the device configuration file via the recovery URL.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
N/A
Vulnerability Title
Fortinet FortiSandbox 安全漏洞
Vulnerability Description
Fortinet FortiSandbox是美国飞塔(Fortinet)公司的一款APT(高级持续性威胁)防护设备。该设备提供双重沙盒技术、动态威胁智能系统、实时控制面板和报告等功能。 Fortinet FortiSandbox 中存在安全漏洞,该漏洞源于产品的下载配置文件功能缺少对用户的有效验证。攻击者可通过恢复URL下载功能获得未经授权的访问权限。以下产品及版本受到影响:Fortinet FortiSandbox 3.1.0 至 3.1.4,Fortinet FortiSandbox 3.2.0 至
CVSS Information
N/A
Vulnerability Type
N/A