説明
A missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a remote, unauthenticated attacker to access the Redis and MongoDB instances via crafted authentication requests.
AI分析AIによる分析
影響を受ける製品
fortinetfortiproxy
参照
- https://fortiguard.com/psirt/FG-IR-22-355Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-22-355Vendor Advisory