External access to confighandler webserver Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-21-226 Final 1 1 2022-04-05T00:00:00 Current version 2022-04-05T00:00:00 2022-04-05T00:00:00 An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Linux may allow an unauthenticated attacker to access the confighandler webserver via external binaries. None Improper access control FortiClient for Linux version 7.0.2 and belowFortiClient for Linux version 6.4.7 and belowFortiClient for Linux version 6.2.9 to 6.2.0 Please upgrade to FortiClient for Linux version 7.0.3 or above.Please upgrade to FortiClient for Linux version 6.4.8 or above. CVE-2021-43205 4.2 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:W/RC:C https://fortiguard.fortinet.com/psirt/FG-IR-21-226 External access to confighandler webserver Reference>