Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
fortinetFortiGuard LabsFG-IR-21-077
HistoryAug 03, 2021 - 12:00 a.m.

FortiPortal - Authentication bypass and remote code execution as root

2021-08-0300:00:00
FortiGuard Labs
www.fortiguard.com
29
fortiportal
authentication bypass
remote code execution
cwe-798
hard-coded credentials
tomcat manager
root access
software vulnerability

EPSS

0.002

Percentile

60.7%

JSON

A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal may allow a remote and unauthenticated attacker to execute unauthorized commands as root by uploading and deploying malicious web application archive files using the default hard-coded Tomcat Manager username and password.Â

Related

cnvd 1
prion 1
cvelist 1
cve 1
nvd 1
cnvd
cnvd
Fortinet FortiPortal Trust Management Issue Vulnerability
2021-08-04 00:00:00
prion
prion
Hardcoded credentials
2021-08-18 22:15:00
cvelist
cvelist
CVE-2021-32588
2021-08-18 21:30:12
cve
cve
CVE-2021-32588
2021-08-18 22:15:06
nvd
nvd
CVE-2021-32588
2021-08-18 22:15:06

EPSS

0.002

Percentile

60.7%

JSON
Related for FG-IR-21-077
cnvd1prion1cvelist1cve1nvd1