vulnerability
Fortinet FortiManager: Unspecified Security Vulnerability (CVE-2021-24016)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Sep 30, 2021 | Nov 30, 2021 | Mar 7, 2024 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Sep 30, 2021
Added
Nov 30, 2021
Modified
Mar 7, 2024
Description
An improper neutralization of formula elements in a csv file in Fortinet FortiManager version 6.4.3 and below, 6.2.7 and below allows attacker to execute arbitrary commands via crafted IPv4 field in policy name, when exported as excel file and opened unsafely on the victim host.
Solution(s)
fortinet-fortimanager-upgrade-6_2_7fortinet-fortimanager-upgrade-6_4_3fortinet-fortimanager-upgrade-6_4_4fortinet-fortimanager-upgrade-7_2_8
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.