First published: Thu Dec 09 2021(Updated: )
A incorrect permission assignment for critical resource in Fortinet FortiNAC version 9.2.0, version 9.1.3 and below, version 8.8.9 and below allows attacker to gain higher privileges via the access to sensitive system data.
Credit: psirt@fortinet.com psirt@fortinet.com
Affected Software | Affected Version | How to fix |
---|---|---|
Fortinet FortiNAC | >=8.8.0<8.8.10 | |
Fortinet FortiNAC | >=9.1.0<9.1.4 | |
Fortinet FortiNAC | =9.2.0 | |
>=8.8.0<8.8.10 | ||
>=9.1.0<9.1.4 | ||
=9.2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-43065 is a vulnerability that involves an incorrect permission assignment for a critical resource in Fortinet FortiNAC versions 9.2.0, 9.1.3 and below, and 8.8.9 and below.
The severity of CVE-2021-43065 is high, with a CVSS severity score of 7.8.
CVE-2021-43065 allows an attacker to gain higher privileges by accessing sensitive system data.
Fortinet FortiNAC versions 9.2.0, 9.1.3 and below, and 8.8.9 and below are affected by CVE-2021-43065.
To address CVE-2021-43065, it is recommended to update Fortinet FortiNAC to a version that is not affected by the vulnerability.