FortiMail admin privilegie elevation through improper user profile control Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-19-237 Final 1 1 2020-01-03T00:00:00 Current version 2020-01-03T00:00:00 2020-01-03T00:00:00 Two improper access control vulnerabilities in FortiMail admin webUI may allow administrators to perform privileged functions they should not be authorized for.Specifically, the two vulnerabilities are identified as the following:CVE-2019-15712: improper access control to web consoleCVE-2019-15707: improper access control to system backup config download Improper access control FortiMail 6.2.0, 6.0.0 to 6.0.6, 5.4.10 and below. Upgrade to 6.2.1, 6.0.7 or 5.4.11After upgrading to the patched version:* web console in admin webUI will be controlled by the following profile setting:config system accprofileset others read, read-write or noneend* system config downloading will be controlled by the following profile setting:config system accprofileset system read, read-write or noneendRevision History:2019-10-18 Initial version2020-01-03 New fix on 5.4.11 released Fortinet is pleased to thank Danilo Costa from PBI Dynamic IT Security for reporting this vulnerability under responsible disclosure. CVE-2019-15707 CVE-2019-15712 6.2 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F/RL:X/RC:X https://fortiguard.fortinet.com/psirt/FG-IR-19-237 FortiMail admin privilegie elevation through improper user profile control Reference>