A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-393 |
History
Tue, 22 Oct 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-06-13T08:41:42.277Z
Updated: 2024-10-22T20:46:07.625Z
Reserved: 2022-10-07T14:05:36.301Z
Link: CVE-2022-42474
Vulnrichment
Updated: 2024-08-03T13:10:40.871Z
NVD
Status : Modified
Published: 2023-06-13T09:15:15.597
Modified: 2024-11-21T07:25:02.533
Link: CVE-2022-42474
Redhat
No data.