PT-2022-11771 · Fortinet · Fortiadc
Published 2022-09-06 · Updated 2022-09-13 · CVE-2021-43076
CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions
FortiADC versions 6.2.1 and below
FortiADC versions 6.1.5 and below
FortiADC versions 6.0.4 and below
FortiADC versions 5.4.5 and below
FortiADC versions 5.3.7 and below
Description
An improper privilege management issue may allow a remote authenticated attacker with a restricted user profile to modify system files using shell access. This could potentially lead to unauthorized changes to the system.
Recommendations
For FortiADC versions 6.2.1 and below, update to a version above 6.2.1 to resolve the issue.
For FortiADC versions 6.1.5 and below, update to a version above 6.1.5 to resolve the issue.
For FortiADC versions 6.0.4 and below, update to a version above 6.0.4 to resolve the issue.
For FortiADC versions 5.4.5 and below, update to a version above 5.4.5 to resolve the issue.
For FortiADC versions 5.3.7 and below, update to a version above 5.3.7 to resolve the issue.
As a temporary workaround, consider restricting shell access to minimize the risk of exploitation.
Fix
Improper Privilege Management
Affected Products
Fortiadc