An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions.
References
Link | Resource |
---|---|
https://fortiguard.com/advisory/FG-IR-21-200 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: fortinet
Published: 2021-12-08T10:53:03
Updated: 2021-12-08T10:53:03
Reserved: 2021-10-20T00:00:00
Link: CVE-2021-42758
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-12-08T11:15:11.887
Modified: 2021-12-10T22:18:40.400
Link: CVE-2021-42758
JSON object: View
Redhat Information
No data.
CWE