FortiNAC - improper permissions set for tomcat users configuration file
An incorrect permission assignment for a critical resource vulnerability [CWE-732] in FortiNAC may allow an authenticated attacker to access sensitive system data and, as a consequence, raise the authenticated user's privilege to admin.
FortiNAC version 9.2.0 and below.
FortiNAC version 9.1.3 and below.
FortiNAC version 8.8.9 and below.
Upgrade to upcoming FortiNAC version 10.0.0 or above.
Upgrade to FortiNAC version 9.2.1 or above.
Upgrade to FortiNAC version 9.1.4 or above.
Upgrade to FortiNAC version 8.8.10 or above.