Lucene search
FortiGuard LabsFG-IR-22-364HistoryMar 07, 2023 - 12:00 a.m.
Protect
2023-03-0700:00:00
FortiGuard Labs
www.fortiguard.com
28
sensitive information
unauthorized access
fortios
fortiproxy
administrative interface
unauthenticated attacker
logging information
crafted requests
http
https
0.001 Low
EPSS
Percentile
47.7%
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiOS and FortiProxy administrative interface may allow an unauthenticated attacker to obtain sensitive logging information on the device via crafted HTTP or HTTPs GET requests.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fortiproxy | eq | 7.2.2 | |
| fortiproxy | eq | 7.2.1 | |
| fortiproxy | eq | 7.2.0 | |
| fortiproxy | eq | 7.0.8 | |
| fortiproxy | eq | 7.0.7 | |
| fortiproxy | eq | 7.0.6 | |
| fortiproxy | eq | 7.0.5 | |
| fortiproxy | eq | 7.0.4 | |
| fortiproxy | eq | 7.0.3 | |
| fortiproxy | eq | 7.0.2 |
Related
cve
cve
CVE-2022-41329
2023-03-07 17:15:12
nessus
nessus
cvelist
cvelist
CVE-2022-41329
2023-03-07 16:22:02
nvd
nvd
CVE-2022-41329
2023-03-07 17:15:12
prion
prion
Code injection
2023-03-07 17:15:00
ics
ics
Siemens RUGGEDCOM APE1808 with Fortigate NGFW Devices
2024-03-14 12:00:00