Improper Access Control in Fortinet's FortiWLC Product
CVE-2021-32584
4.8MEDIUM
What is CVE-2021-32584?
An improper access control vulnerability in Fortinet's FortiWLC can be exploited by unauthenticated remote attackers. By entering a specific URL, attackers may gain unauthorized access to limited CGI resources within the web management interface. This flaw exposes sensitive configuration details, potentially compromising the security posture of the affected systems.
Affected Version(s)
FortiWLC 8.6.0
FortiWLC 8.5.0 <= 8.5.3
FortiWLC 8.4.4 <= 8.4.8