Home
HIGH: 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:RDefault status
unaffected
1.5.0
affected
1.4.0 (semver)
affected
1.3.0 (semver)
affected
1.2.0
affected
1.1.0 (semver)
affected
1.0.0 (semver)
affected
Default status
unaffected
7.2.0 (semver)
affected
Description
A weak authentication in Fortinet FortiPAM 1.5.0, 1.4.0 through 1.4.2, 1.3.0 through 1.3.1, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager 7.2.0 through 7.2.4 allows attacker to execute unauthorized code or commands via specially crafted http requests
Problem types
Execute unauthorized code or commands
Product status
1.5.0
1.4.0 (semver)
1.3.0 (semver)
1.2.0
1.1.0 (semver)
1.0.0 (semver)
7.2.0 (semver)
References
fortiguard.fortinet.com/psirt/FG-IR-25-010
