A improper handling of insufficient permissions or privileges in Fortinet FortiAnalyzer version 5.6.0 up to and including 5.6.11, FortiAnalyzer version 6.0.0 up to and including 6.0.11, FortiAnalyzer version 6.2.0 up to and including 6.2.9, FortiAnalyzer version 6.4.0 up to and including 6.4.7, FortiAnalyzer version 7.0.0 through 7 .0.2, FortiManager version 5.6.0 up to and including 5.6.11, FortiManager version 6.0.0 up to and including 6.0.11, FortiManager version 6.2.0 up to and including 6.2.9, FortiManager version 6.4.0 up to and including 6.4.7, FortiManager version 7.0.0 up to and including 7.0.2 allows malicious user to bypass the device policy and force the password-change action for its user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortimanager |
||
fortinet fortianalyzer |