Fortinet FortiDeceptor Improper Access Control Vulnerability Allowing Unauthorized Operations on Central Management Appliance

Vulnerability

An improper access control vulnerability has been identified in Fortinet FortiDeceptor versions 6.0.0, 5.3.3 and below, 5.2.1 and below, 5.1.0, and 5.0.0. It may enable an authenticated attacker with no privileges to execute operations on the central management appliance by sending crafted requests.

Impact

Exploitation of this vulnerability could allow an authenticated attacker with no privileges to perform unauthorized operations on the central management appliance.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 0.6
exploitability: 4.9
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.