Improper Access Control in FortiAuthenticator HA Service
CVE-2021-36177
4.2MEDIUM
What is CVE-2021-36177?
An improper access control vulnerability in the FortiAuthenticator HA service allows attackers on the same VLAN as the management interface to establish an unauthenticated direct connection to the database. This can lead to unauthorized access to sensitive information, posing significant security risks for organizations utilizing this service.