Fortisoar@7.0.3 Security Vulnerabilities and Issues — Fortisoar@7.0.3 CVE List

Lucene search

FortinetFortisoar7.0.3

3 matches found

CVE•added 2022/11/02 12:15 p.m.•58 views

CVE-2022-42473

A missing authentication for a critical function vulnerability in Fortinet FortiSOAR 6.4.0 - 6.4.4 and 7.0.0 - 7.0.3 and 7.2.0 allows an attacker to disclose information via logging into the database using a privileged account without a password.

5.5CVSS5.3AI score0.00062EPSS

CVE•added 2022/09/06 6:15 p.m.•57 views

CVE-2022-35847

An improper neutralization of special elements used in a template engine vulnerability [CWE-1336] in FortiSOAR management interface 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.4 may allow a remote and authenticated attacker to execute arbitrary code via a crafted payload.

8.8CVSS8.7AI score0.01429EPSS

CVE•added 2022/12/06 5:15 p.m.•50 views

CVE-2022-38379

Improper neutralization of input during web page generation [CWE-79] in FortiSOAR 7.0.0 through 7.0.3 and 7.2.0 may allow an authenticated attacker to inject HTML tags via input fields of various components within FortiSOAR.

5.4CVSS5.3AI score0.00482EPSS