CVE-2021-36177 is a vulnerability in Fortinet Fortiauthenticator
Published on February 2, 2022

An improper access control vulnerability [CWE-284] in FortiAuthenticator HA service 6.3.2 and below, 6.2.x, 6.1.x, 6.0.x may allow an attacker on the same vlan as the HA management interface to make an unauthenticated direct connection to the FAC's database.

NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

HIGH

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

LOW

Integrity Impact:

LOW

Availability Impact:

NONE

Products Associated with CVE-2021-36177

Want to know whenever a new CVE is published for Fortinet Fortiauthenticator? stack.watch will email you.

Fortinet Fortiauthenticator

Exploit Probability

EPSS

0.17%

Percentile

37.38%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-36177 is a vulnerability in Fortinet FortiauthenticatorPublished on February 2, 2022

Vulnerability Analysis

Products Associated with CVE-2021-36177

Exploit Probability

CVE-2021-36177 is a vulnerability in Fortinet Fortiauthenticator
Published on February 2, 2022