How severe is CVE-2022-41331?

CVE-2022-41331 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2022-41331

Name: fortiproxy
Author: fortinet

9.8CRITICAL

A missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a remote, unauthenticated attacker to access the Redis and Mon

Published: 4/11/2023Updated: 11/21/2024

Description

A missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a remote, unauthenticated attacker to access the Redis and MongoDB instances via crafted authentication requests.

AI AnalysisPowered by AI

Affected Products

fortinetfortiproxy

References

https://fortiguard.com/psirt/FG-IR-22-355
Vendor Advisory
https://fortiguard.com/psirt/FG-IR-22-355
Vendor Advisory