CVE-2022-26121
3.7LOWAn exposure of resource to wrong sphere vulnerability [CWE-668] in FortiAnalyzer and FortiManager GUI 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.0 through 6.2.9, 6.0.0 through 6.0.11, 5.6.0 through
Publicado: 10/10/2022Actualizado: 11/21/2024
Descripción
An exposure of resource to wrong sphere vulnerability [CWE-668] in FortiAnalyzer and FortiManager GUI 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.0 through 6.2.9, 6.0.0 through 6.0.11, 5.6.0 through 5.6.11 may allow an unauthenticated and remote attacker to access report template images via referencing the name in the URL path.
Análisis IAImpulsado por IA
Productos Afectados
fortinetfortimanager
fortinetfortimanager
fortinetfortimanager
fortinetfortimanager
fortinetfortimanager
fortinetfortianalyzer
fortinetfortianalyzer
fortinetfortianalyzer
fortinetfortianalyzer
fortinetfortianalyzer
Referencias
- https://fortiguard.com/psirt/FG-IR-22-026Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-22-026Vendor Advisory