How severe is CVE-2022-41331?

CVE-2022-41331 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2022-41331

Name: fortiproxy
Author: fortinet

9.8CRITICAL

A missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a remote, unauthenticated attacker to access the Redis and Mon

发布于: 4/11/2023更新于: 11/21/2024

描述

A missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a remote, unauthenticated attacker to access the Redis and MongoDB instances via crafted authentication requests.

AI分析AI驱动

受影响产品

fortinetfortiproxy

参考资料

https://fortiguard.com/psirt/FG-IR-22-355
Vendor Advisory
https://fortiguard.com/psirt/FG-IR-22-355
Vendor Advisory