CVE-2020-15939

An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3.1.4 and below may allow an authenticated, unprivileged attacker to download the device configuration file via the recovery URL.
References
Link Resource
https://fortiguard.com/advisory/FG-IR-20-071 Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*

Information

Published : 2021-09-06 04:15

Updated : 2022-07-12 05:42


NVD link : CVE-2020-15939

Mitre link : CVE-2020-15939

Products Affected
No products.