Improper access control

2022-05-0416:15:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.5%

JSON

An improper access control in Fortinet FortiSOAR before 7.2.0 allows unauthenticated attackers to access gateway API data via crafted HTTP GET requests.

CPENameOperatorVersion
fortisoareq6.0.0
fortisoarge7.0.0
fortisoarle7.0.2
fortisoarge6.4.0
fortisoarle6.4.4

Name	Operator	Version
fortisoar	eq	6.0.0
fortisoar	ge	7.0.0
fortisoar	le	7.0.2
fortisoar	ge	6.4.0
fortisoar	le	6.4.4

References

fortiguard.com/psirt/FG-IR-22-041