CVE-2022-41327
7.8HIGHA cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through
게시됨: 6/13/2023업데이트됨: 11/21/2024
설명
A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in order to obtain other adminstrators cookies via diagnose CLI commands.
AI 분석AI 기반
영향받는 제품
fortinetfortiproxy
fortinetfortiproxy
7.2.0
fortinetfortiproxy
7.2.1
fortinetfortios
fortinetfortios
참조
- https://fortiguard.com/psirt/FG-IR-22-380Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-22-380Vendor Advisory