How severe is CVE-2022-41331?

CVE-2022-41331 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2022-41331

Name: fortiproxy
Author: fortinet

9.8CRITICAL

A missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a remote, unauthenticated attacker to access the Redis and Mon

Publicado: 4/11/2023Atualizado: 11/21/2024

Descrição

A missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a remote, unauthenticated attacker to access the Redis and MongoDB instances via crafted authentication requests.

Análise IADesenvolvido por IA

Produtos Afetados

fortinetfortiproxy

Referências

https://fortiguard.com/psirt/FG-IR-22-355
Vendor Advisory
https://fortiguard.com/psirt/FG-IR-22-355
Vendor Advisory