Primary

Context

Fortinet FortiIsolator Improper Access Control Vulnerability in Logging Component

Vulnerability

Patched

A vulnerability allowing improper access control has been identified in the logging component of Fortinet FortiIsolator versions 2.4.3, 2.4.4, and all versions of 2.3. This vulnerability may enable a remote authenticated read-only attacker to modify logs by sending a crafted HTTP request.

Impact

Exploitation of this vulnerability could lead to unauthorized alteration of log data.

Remediation

Users of Fortinet FortiIsolator 2.4.3 and 2.4.4 should upgrade to version 2.4.5 or above. Those on FortiIsolator 2.3 should migrate to a fixed release.

Added: Jul 18, 2025, 8:25 AM

Updated: Jul 18, 2025, 8:25 AM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

2.5

exploitability

4.9

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

2.5

exploitability

4.9

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Fortinet FortiIsolator Improper Access Control Vulnerability in Logging Component

Vulnerability

Impact

Remediation

Affected Products

Fortinet FortiIsolator

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating