CVE-2024-45328

Name of the Vulnerable Software and Affected Versions: FortiSandbox versions 4.4.0 through 4.4.6

Description: An incorrect authorization issue may allow a low-privileged administrator to execute elevated CLI commands via the GUI console menu. This could potentially lead to privilege escalation.

Recommendations: For FortiSandbox versions 4.4.0 through 4.4.6, consider restricting access to the GUI console menu to prevent low-privileged administrators from executing elevated CLI commands until a patch is available. As a temporary workaround, limit the privileges of administrators to minimize the risk of exploitation.