Common vulnerabilities and Exposures (CVE)

Skip to main content

Required CVE Record Information

Description

An improper access control vulnerability in FortiManager versions 6.4.0 to 6.4.3 may allow an authenticated attacker with a restricted user profile to access the SD-WAN Orchestrator panel via directly visiting its URL.

CVSS 1 Total

Learn more
ScoreSeverityVersionVector String
6.3MEDIUM3.1CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F/RL:X/RC:X

Product Status

Learn more

Versions 1 Total

Default Status: unknown

affected

  • affected at FortiManager 6.4.0 to 6.4.3 

Updated:

This container includes required additional information provided by the CVE Program for this vulnerability.

Authorized Data Publishers

Learn more