An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connection functionality.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/advisory/FG-IR-20-235 |
History
Fri, 25 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2021-03-04T17:27:43
Updated: 2024-10-25T13:59:55.356Z
Reserved: 2021-01-04T00:00:00
Link: CVE-2021-22128
Vulnrichment
Updated: 2024-08-03T18:30:24.008Z
NVD
Status : Modified
Published: 2021-03-04T18:15:13.130
Modified: 2024-11-21T05:49:33.540
Link: CVE-2021-22128
Redhat
No data.