Lucene search

PRIOn knowledge basePRION:CVE-2022-27490

HistoryMar 07, 2023 - 5:15 p.m.

Design/Logic Flaw

2023-03-0717:15:00

PRIOn knowledge base

www.prio-n.com

fortinet

fortimanager

fortianalyzer

fortiportal

fortiswitch

exposure

sensitive information

unauthorized access

security flaw

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.7%

JSON

A exposure of sensitive information to an unauthorized actor in Fortinet FortiManager version 6.0.0 through 6.0.4, FortiAnalyzer version 6.0.0 through 6.0.4, FortiPortal version 6.0.0 through 6.0.9, 5.3.0 through 5.3.8, 5.2.x, 5.1.0, 5.0.x, 4.2.x, 4.1.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.x, 6.0.x allows an attacker which has obtained access to a restricted administrative account to obtain sensitive information via diagnose debug commands.

CPENameOperatorVersion
fortianalyzerge5.6.0
fortianalyzerle5.6.11
fortianalyzerge6.0.0
fortianalyzerle6.0.4
fortimanagerge5.6.0
fortimanagerle5.6.11
fortimanagerge6.0.0
fortimanagerle6.0.4
fortiportalge5.1.0
fortiportalle5.1.2

Name	Operator	Version
fortianalyzer	ge	5.6.0
fortianalyzer	le	5.6.11
fortianalyzer	ge	6.0.0
fortianalyzer	le	6.0.4
fortimanager	ge	5.6.0
fortimanager	le	5.6.11
fortimanager	ge	6.0.0
fortimanager	le	6.0.4
fortiportal	ge	5.1.0
fortiportal	le	5.1.2

Rows per page:

1-10 of 301

References

fortiguard.com/psirt/FG-IR-18-232