FortiOS – Improper authentication following read-only user login

Fortiguard Security Advisory

An improper authentication vulnerability [CWE-287] in FortiOS when configured with FortiAuthenticator in HA may allow an authenticated attacker with at least read-only permission to gain read-write access via successive login attempts.

READ MORE