Multiple improper neutralization of special elements used in SQL commands ('SQL Injection') vulnerability [CWE-89] in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.2 and below may allow an authenticated malicious user to execute unauthorized code or commands via specifically crafted strings parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortinac |
||
fortinet fortinac 8.5.4 |
||
fortinet fortinac 8.6.0 |