A unverified password change in Fortinet FortiManager...
Moderate severity
Unreviewed
Published
Aug 13, 2024
to the GitHub Advisory Database
•
Updated Aug 13, 2024
Description
Published by the National Vulnerability Database
Aug 13, 2024
Published to the GitHub Advisory Database
Aug 13, 2024
Last updated
Aug 13, 2024
A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, as well as Fortinet FortiAnalyzer versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, allows an attacker to modify admin passwords via the device configuration backup.
References