CVE-2022-41331
9.8CRITICALA missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a remote, unauthenticated attacker to access the Redis and Mon
Publicado: 4/11/2023Actualizado: 11/21/2024
Descripción
A missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a remote, unauthenticated attacker to access the Redis and MongoDB instances via crafted authentication requests.
Análisis IAImpulsado por IA
Productos Afectados
fortinetfortiproxy
Referencias
- https://fortiguard.com/psirt/FG-IR-22-355Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-22-355Vendor Advisory