First published: Wed Nov 29 2017(Updated: )
An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can access the admin webUI to successfully log-in regardless the provided password.
Credit: psirt@fortinet.com
Affected Software | Affected Version | How to fix |
---|---|---|
Fortinet FortiWebManager | =5.8.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-14189 is rated as a critical severity vulnerability due to its potential for unauthorized access.
To fix CVE-2017-14189, update Fortinet FortiWebManager to the latest version as recommended by the vendor.
CVE-2017-14189 affects Fortinet FortiWebManager version 5.8.0.
Anyone who has access to the admin webUI of Fortinet FortiWebManager version 5.8.0 is impacted by CVE-2017-14189.
Currently, no specific workaround is provided for CVE-2017-14189, thus updating is strongly recommended.