A improper privilege management in Fortinet FortiSandbox version 4.2.0 up to and including 4.2.2, 4.0.0 up to and including 4.0.2 and prior to 3.2.3 and FortiDeceptor version 4.1.0, 4.0.0 up to and including 4.0.2 and prior to 3.3.3 allows a remote authenticated malicious user to perform unauthorized API calls via crafted HTTP or HTTPS requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortideceptor 4.1.0 |
||
fortinet fortideceptor |
||
fortinet fortisandbox |