Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A improper access control in Fortinet FortiPortal version 7.0.0 through 7.0.6, Fortinet FortiPortal version 7.2.0 through 7.2.1 allows attacker to escalate its privilege via specifically crafted HTTP requests.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
访问控制不恰当
Vulnerability Title
Fortinet FortiPortal 访问控制错误漏洞
Vulnerability Description
Fortinet FortiPortal是美国飞塔(Fortinet)公司的FortiGate、FortiWiFi 和 FortiAP 产品线的高级、功能丰富的托管安全分析和管理支持工具,可作为虚拟机供 MSP 使用。 Fortinet FortiPortal 7.0.0版本至7.0.6版本、Fortinet FortiPortal 7.2.0版本至7.2.1版本存在访问控制错误漏洞,该漏洞源于访问控制不当。攻击者利用该漏洞通过特制的 HTTP 请求升级其权限。
CVSS Information
N/A
Vulnerability Type
N/A