CVE-2023-42782
5.3MEDIUMA insufficient verification of data authenticity vulnerability [CWE-345] in FortiAnalyzer version 7.4.0 and below 7.2.3 allows a remote unauthenticated attacker to send messages to the syslog server o
Publicado: 10/10/2023Atualizado: 11/21/2024
Descrição
A insufficient verification of data authenticity vulnerability [CWE-345] in FortiAnalyzer version 7.4.0 and below 7.2.3 allows a remote unauthenticated attacker to send messages to the syslog server of FortiAnalyzer via the knoweldge of an authorized device serial number.
Análise IADesenvolvido por IA
Produtos Afetados
fortinetfortianalyzer
fortinetfortianalyzer
fortinetfortianalyzer
fortinetfortianalyzer
fortinetfortianalyzer
7.4.0
Referências
- https://fortiguard.com/psirt/FG-IR-23-221Vendor Advisory
- https://fortiguard.com/psirt/FG-IR-23-221Vendor Advisory