An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3.1.4 and below may allow an authenticated, unprivileged malicious user to download the device configuration file via the recovery URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortisandbox |