vulnerability
Fortinet FortiManager: Improper Authentication (CVE-2021-24017)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:P/A:N) | Sep 30, 2021 | Nov 30, 2021 | Aug 1, 2025 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:P/A:N)
Published
Sep 30, 2021
Added
Nov 30, 2021
Modified
Aug 1, 2025
Description
An improper authentication in Fortinet FortiManager version 6.4.3 and below, 6.2.6 and below allows attacker to assign arbitrary Policy and Object modules via crafted requests to the request handler.
Solutions
fortinet-fortimanager-upgrade-6_2_7fortinet-fortimanager-upgrade-6_4_3fortinet-fortimanager-upgrade-6_4_4fortinet-fortimanager-upgrade-7_0_0
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.