CVE-2023-25609
4.3MEDIUMA server-side request forgery (SSRF) vulnerability [CWE-918] in FortiManager and FortiAnalyzer GUI 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.8 through 6.4.11 may allow a remote and authenticated a
Publicado: 6/13/2023Actualizado: 11/21/2024
Descripción
A server-side request forgery (SSRF) vulnerability [CWE-918] in FortiManager and FortiAnalyzer GUI 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.8 through 6.4.11 may allow a remote and authenticated attacker to access unauthorized files and services on the system via specially crafted web requests.
Análisis IAImpulsado por IA
Productos Afectados
fortinetfortianalyzer
fortinetfortianalyzer
fortinetfortianalyzer
7.2.0
fortinetfortianalyzer
7.2.1
fortinetfortimanager
fortinetfortimanager
fortinetfortimanager
7.2.0
fortinetfortimanager
7.2.1
Referencias
- https://fortiguard.com/psirt/FG-IR-22-493Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-22-493Vendor Advisory