Critical Infrastructure Sectors: Energy
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiProxy version 7.2.0 up to and including 7.2.1 and 7.0.0 up to and including 7.0.7, FortiOS version 7.2.0 up to and including 7.2.3 and 7.0.0 up to and including 7.0.9 allows an unauthenticated malicious users to obtain sensitive logging informations on the device via crafted HTTP GET requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortios |
||
fortinet fortiproxy |