Improper Access Control Vulnerability in FortiIsolator 2.3.2 and Below Allows Unauthorized CA Certificate Regeneration
CVE-2021-41020 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
An improper access control vulnerability [CWE-284] in FortiIsolator versions 2.3.2 and below may allow an authenticated, non privileged attacker to regenerate the CA certificate via the regeneration URL.
Learn more about our Cis Benchmark Audit For Microsoft Iis.