PSIRT

FortiAuthenticator Privilege Escalation Vulnerability

Description

Authenticated admin users may be able to obtain access to a system shell from the command line interface.

Impact Detail

Authenticated admin users can execute operating system commands with full read and write access to the file system.

Affected Products

FortiAuthenticator 1.x and 2.x

Solutions

Upgrade to FortiAuthenticator 3.0 or higher.

Acknowledgement

Yvan Janssens

IR Number	FG-IR-13-016
Date	Dec 13, 2013
Severity	Medium
Impact	Privilege Escalation
CVE ID	CVE-2013-6990
CVRF	Download

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

PSIRT

FortiAuthenticator Privilege Escalation Vulnerability

Description

Impact Detail

Affected Products

Solutions

Acknowledgement

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

PSIRT

FortiAuthenticator Privilege Escalation Vulnerability

Description

Impact Detail

Affected Products

Solutions

Acknowledgement

Threat Intelligence
Center