A missing authentication for critical function vulnerability [CWE-306] in FortiPresence on-prem infrastructure server may allow a remote, unauthenticated attacker to access the Redis and MongoDB instances via crafted authentication requests.
CPE | Name | Operator | Version |
---|---|---|---|
fortipresence | eq | 1.2.1 | |
fortipresence | eq | 1.2.0 | |
fortipresence | eq | 1.1.1 | |
fortipresence | eq | 1.1.0 | |
fortipresence | eq | 1.0.0 |