FortiManager allows unauthorized viewing of vdoms settings by any adom standard users


A standard user with adom assignment can read the interface settings of vdoms unrelated to his/her adom.

Affected Products

FortiManager 6.0.1 and below.


Upgrade to FortiManager 6.0.2 or above.


Fortinet is pleased to thank Yasar Calay, Beyaz Bilgisayar Danışmanlık Hizmetleri Ltd. Şti. for reporting this vulnerability under responsible disclosure.