A server-side request forgery (SSRF) vulnerability [CWE-918] in FortiManager and FortiAnalyzer GUI 7.2.0 up to and including 7.2.1, 7.0.0 up to and including 7.0.6, 6.4.8 up to and including 6.4.11 may allow a remote and authenticated malicious user to access unauthorized files and services on the system via specially crafted web requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortimanager 7.2.0 |
||
fortinet fortianalyzer 7.2.0 |
||
fortinet fortianalyzer 7.2.1 |
||
fortinet fortimanager 7.2.1 |
||
fortinet fortimanager |
||
fortinet fortianalyzer |