CVE-2020-15939

Published: 2021-09-06T16:15Z

Last Modified: 2024-11-21T05:06Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3.1.4 and below may allow an authenticated, unprivileged attacker to download the device configuration file via the recovery URL. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt