An improper access control vulnerability [CWE-284] in FortiIsolator versions 2.3.2 and below may allow an authenticated, non privileged attacker to regenerate the CA certificate via the regeneration URL.

Related CVEs

CVE-2021-41020

Key Information

GHSA ID

GHSA-v9h9-p74g-4ccw

Published

May 5, 2022 12:00 AM

Last Modified

May 14, 2022 12:03 AM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: August 11, 2025 6:32 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.