Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An improper access control vulnerability [CWE-284] in FortiManager versions 6.4.4 and 6.4.5 may allow an authenticated attacker with a restricted user profile to modify the VPN tunnel status of other VDOMs using VPN Manager.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
N/A
Vulnerability Title
Fortinet FortiManager 安全漏洞
Vulnerability Description
Fortinet FortiManager是美国飞塔(Fortinet)公司的一套集中化网络安全管理平台。该平台支持集中管理任意数量的Fortinet设备,并能够将设备分组到不同的管理域(ADOM)进一步简化多设备安全部署与管理。 FortiManager 6.4.4 和 6.4.5版本存在安全漏洞,该漏洞源于软件对于VPN 存在不正确的访问控制,这可能允许具有受限用户配置文件的经过身份验证的攻击者使用 VPN Manager 修改其他 VDOM 的 VPN 隧道状态。
CVSS Information
N/A
Vulnerability Type
N/A