CVE-2022-41327

7.8HIGH

A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through

发布于: 6/13/2023更新于: 11/21/2024
在NVD查看在MITRE查看

描述

A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in order to obtain other adminstrators cookies via diagnose CLI commands.

AI分析AI驱动

受影响产品

fortinetfortiproxy
fortinetfortiproxy
7.2.0
fortinetfortiproxy
7.2.1
fortinetfortios
fortinetfortios

参考资料