Exposure of password hashes to read-only admin

Summary

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiADC may allow a read-only admin to view data pertaining to other admins, including their password hashes.

Version         Affected                 Solution
FortiADC 7.4    7.4.0 through 7.4.1      Upgrade to 7.4.2 or above
FortiADC 7.2    7.2.0 through 7.2.3      Upgrade to 7.2.4 or above
FortiADC 7.1    7.1 all versions         Migrate to a fixed release
FortiADC 7.0    7.0 all versions         Migrate to a fixed release
FortiADC 6.2    6.2 all versions         Migrate to a fixed release

Acknowledgement

Fortinet is pleased to thank internal researcher Leslie Zhou for reporting this vulnerability.

Timeline

2024-05-14: Initial publication