CVE-2023-42782
5.3MEDIUMA insufficient verification of data authenticity vulnerability [CWE-345] in FortiAnalyzer version 7.4.0 and below 7.2.3 allows a remote unauthenticated attacker to send messages to the syslog server o
게시됨: 10/10/2023업데이트됨: 11/21/2024
설명
A insufficient verification of data authenticity vulnerability [CWE-345] in FortiAnalyzer version 7.4.0 and below 7.2.3 allows a remote unauthenticated attacker to send messages to the syslog server of FortiAnalyzer via the knoweldge of an authorized device serial number.
AI 분석AI 기반
영향받는 제품
fortinetfortianalyzer
fortinetfortianalyzer
fortinetfortianalyzer
fortinetfortianalyzer
fortinetfortianalyzer
7.4.0
참조
- https://fortiguard.com/psirt/FG-IR-23-221Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-23-221Vendor Advisory