An exposure of resource to wrong sphere vulnerability [CWE-668] in FortiAnalyzer and FortiManager GUI 7.0.0 up to and including 7.0.3, 6.4.0 up to and including 6.4.8, 6.2.0 up to and including 6.2.9, 6.0.0 up to and including 6.0.11, 5.6.0 up to and including 5.6.11 may allow an unauthenticated and remote malicious user to access report template images via referencing the name in the URL path.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortimanager |
||
fortinet fortianalyzer |