An improper input validation vulnerability [CWE-20] in FortiAnalyzer version 7.2.1 and below, version 7.0.6 and below, 6.4 all versions may allow an authenticated attacker to disclose file system information via custom dataset SQL queries.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-432 |
History
Wed, 23 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-04-11T16:06:17.894Z
Updated: 2024-10-23T14:29:14.227Z
Reserved: 2022-10-07T14:05:36.302Z
Link: CVE-2022-42477
Vulnrichment
Updated: 2024-08-03T13:10:40.842Z
NVD
Status : Modified
Published: 2023-04-11T17:15:07.587
Modified: 2024-11-21T07:25:03.030
Link: CVE-2022-42477
Redhat
No data.