2 matches found
CVE-2022-42477
An improper input validation vulnerability CWE-20 in FortiAnalyzer version 7.2.1 and below, version 7.0.6 and below, 6.4 all versions may allow an authenticated attacker to disclose file system information via custom dataset SQL queries...
CVE-2022-42477
Fortinet FortiAnalyzer is affected by CVE-2022-42477 due to an improper input validation vulnerability (CWE-20). The issue allows an authenticated attacker to disclose file system information via custom dataset SQL queries. Affected product versions include FortiAnalyzer 7.2.1 and earlier, 7.0.6 ...