PT-2021-7519 · Fortinet · Fortiisolator

Published: 2021-09-13 · Updated: 2022-07-12 · CVE-2021-41020

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

FortiIsolator versions 2.3.2 and below

Description

The issue is related to improper access control, allowing an authenticated, non-privileged attacker to regenerate the CA certificate via a specific URL, potentially leading to unauthorized access to protected information.

Recommendations

For versions 2.3.2 and below, consider restricting access to the CA certificate regeneration URL as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control


Weakness Enumeration

Related Identifiers

BDU:2022-07202
CVE-2021-41020

Affected Products

Fortiisolator