Home
LOW: 1.8 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:RDefault status
unaffected
7.6.0 (semver)
affected
7.4.0 (semver)
affected
7.2.0 (semver)
affected
7.0.0 (semver)
affected
Default status
unaffected
7.6.0 (semver)
affected
7.4.0 (semver)
affected
7.2.0 (semver)
affected
7.0.0 (semver)
affected
6.4.0 (semver)
affected
Default status
unaffected
1.6.0
affected
1.5.0 (semver)
affected
1.4.0 (semver)
affected
1.3.0 (semver)
affected
1.2.0
affected
1.1.0 (semver)
affected
1.0.0 (semver)
affected
Description
An Improper Privilege Management vulnerability [CWE-269] in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4 all versions, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4 all versions, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions may allow an authenticated administrator to bypass the trusted host policy via crafted CLI command.
Problem types
Product status
7.6.0 (semver)
7.4.0 (semver)
7.2.0 (semver)
7.0.0 (semver)
7.6.0 (semver)
7.4.0 (semver)
7.2.0 (semver)
7.0.0 (semver)
6.4.0 (semver)
1.6.0
1.5.0 (semver)
1.4.0 (semver)
1.3.0 (semver)
1.2.0
1.1.0 (semver)
1.0.0 (semver)
References
fortiguard.fortinet.com/psirt/FG-IR-25-545
