VYPR
Unrated severityNVD Advisory· Published Nov 2, 2022· Updated Oct 22, 2024

CVE-2022-42473

CVE-2022-42473

Description

A missing authentication for a critical function vulnerability in Fortinet FortiSOAR 6.4.0 - 6.4.4 and 7.0.0 - 7.0.3 and 7.2.0 allows an attacker to disclose information via logging into the database using a privileged account without a password.

Affected products

2
  • Fortinet/Fortisoarllm-fuzzy2 versions
    >=6.4.0 <=6.4.4, >=7.0.0 <=7.0.3, =7.2.0+ 1 more
    • (no CPE)range: >=6.4.0 <=6.4.4, >=7.0.0 <=7.0.3, =7.2.0
    • (no CPE)range: FortiSOAR 7.2.0, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.4, 6.4.3, 6.4.1, 6.4.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.