CVE-2021-22128

An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connection functionality.
References
Link Resource
https://fortiguard.com/advisory/FG-IR-20-235 Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*

Information

Published : 2021-03-04 06:15

Updated : 2022-07-12 05:42


NVD link : CVE-2021-22128

Mitre link : CVE-2021-22128

Products Affected
No products.