An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiOS and FortiProxy administrative interface may allow an unauthenticated attacker to obtain sensitive logging information on the device via crafted HTTP or HTTPs GET requests.
CPE | Name | Operator | Version |
---|---|---|---|
fortiproxy | eq | 7.2.2 | |
fortiproxy | eq | 7.2.1 | |
fortiproxy | eq | 7.2.0 | |
fortiproxy | eq | 7.0.8 | |
fortiproxy | eq | 7.0.7 | |
fortiproxy | eq | 7.0.6 | |
fortiproxy | eq | 7.0.5 | |
fortiproxy | eq | 7.0.4 | |
fortiproxy | eq | 7.0.3 | |
fortiproxy | eq | 7.0.2 |