diff --git a/2021/26xxx/CVE-2021-26110.json b/2021/26xxx/CVE-2021-26110.json index 6bacfd7f641..a93390e7a70 100644 --- a/2021/26xxx/CVE-2021-26110.json +++ b/2021/26xxx/CVE-2021-26110.json @@ -71,7 +71,7 @@ "description_data": [ { "lang": "eng", - "value": "An improper access control vulnerability [CWE-284]\u00a0in FortiOS autod daemon 7.0.0, 6.4.6\u00a0and below, 6.2.9\u00a0and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script and auto-script features." + "value": "An improper access control vulnerability [CWE-284] in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to super_admin via a specific crafted configuration of fabric automation CLI script and auto-script features." } ] } diff --git a/2021/36xxx/CVE-2021-36180.json b/2021/36xxx/CVE-2021-36180.json index d0ca7928349..97e340dcf84 100644 --- a/2021/36xxx/CVE-2021-36180.json +++ b/2021/36xxx/CVE-2021-36180.json @@ -71,7 +71,7 @@ "description_data": [ { "lang": "eng", - "value": "Multiple improper neutralization of special elements used in a command vulnerabilities\u00a0[CWE-77] in FortiWeb management interface 6.4.1 and below, 6.3.15 and below, 6.2.5 and below may allow an authenticated attacker to execute unauthorized code or commands via crafted parameters of HTTP requests." + "value": "Multiple improper neutralization of special elements used in a command vulnerabilities [CWE-77] in FortiWeb management interface 6.4.1 and below, 6.3.15 and below, 6.2.5 and below may allow an authenticated attacker to execute unauthorized code or commands via crafted parameters of HTTP requests." } ] } diff --git a/2021/42xxx/CVE-2021-42758.json b/2021/42xxx/CVE-2021-42758.json index e48dbeda9b2..b73903ffc91 100644 --- a/2021/42xxx/CVE-2021-42758.json +++ b/2021/42xxx/CVE-2021-42758.json @@ -71,7 +71,7 @@ "description_data": [ { "lang": "eng", - "value": "An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an\u00a0admin user with full access rights\u00a0via bypassing the GUI restrictions." + "value": "An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an authenticated and remote attacker with low privileges to execute any command as an admin user with full access rights via bypassing the GUI restrictions." } ] }