Authentication Bypass Vulnerability in Fortinet FortiSwitch Products
CVE-2016-4573
9.8CRITICAL
What is CVE-2016-4573?
A vulnerability exists in multiple FortiSwitch models when operating under FortiLink managed mode and running firmware version 3.4.1. This loophole allows remote attackers to bypass authentication mechanisms and gain unauthorized administrative access by utilizing an empty password for the rest_admin account. Such access can lead to a range of security issues, making timely remediation critical for all affected installations.