Vulnerability Details CVE-2021-41020
An improper access control vulnerability [CWE-284] in FortiIsolator versions 2.3.2 and below may allow an authenticated, non privileged attacker to regenerate the CA certificate via the regeneration URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 41.8%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
Products affected by CVE-2021-41020
-
cpe:2.3:a:fortinet:fortiisolator:2.3.0
-
cpe:2.3:a:fortinet:fortiisolator:2.3.1
-
cpe:2.3:a:fortinet:fortiisolator:2.3.2