** UNSUPPORTED WHEN ASSIGNED **An improper authentication vulnerability [CWE-287] in Fortinet FortiWAN version 5.2.0 through 5.2.1 and version 5.1.1 through 5.1.2 may allow an authenticated attacker to escalate his privileges via HTTP or HTTPs requests with crafted JWT token values.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HFortinet Fortiwan
APPFortinet5.1.15.1.25.2.05.2.1
Related vulnerabilities
Path traversal umożliwiający usunięcie plików i reset hasła admina w FortiWAN
Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiWAN before...
An OS command injection (CWE-78) vulnerability in FortiWAN version 4.5.7 and below Command Line Interface may ...
** UNSUPPORTED WHEN ASSIGNED **A improper limitation of a pathname to a restricted directory ('path traversal'...
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management ...