A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in order to obtain other adminstrators cookies via diagnose CLI commands.
References
History

Wed, 23 Oct 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-06-13T08:41:41.742Z

Updated: 2024-10-23T14:27:14.451Z

Reserved: 2022-09-23T15:07:35.780Z

Link: CVE-2022-41327

cve-icon Vulnrichment

Updated: 2024-08-03T12:42:44.712Z

cve-icon NVD

Status : Modified

Published: 2023-06-13T09:15:14.960

Modified: 2024-11-21T07:23:03.590

Link: CVE-2022-41327

cve-icon Redhat

No data.