A insufficient verification of data authenticity vulnerability [CWE-345] in FortiAnalyzer version 7.4.0 and below 7.2.3 allows a remote unauthenticated malicious user to send messages to the syslog server of FortiAnalyzer via the knoweldge of an authorized device serial number.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortianalyzer |
||
fortinet fortianalyzer 7.4.0 |