A exposure of sensitive information to an unauthorized actor in Fortinet FortiManager version 6.0.0 through 6.0.4, FortiAnalyzer version 6.0.0 through 6.0.4, FortiPortal version 6.0.0 through 6.0.9, 5.3.0 through 5.3.8, 5.2.x, 5.1.0, 5.0.x, 4.2.x, 4.1.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.x, 6.0.x allows an attacker which has obtained access to a restricted administrative account to obtain sensitive information via `diagnose debug` commands.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-18-232 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-03-07T16:04:57.843Z
Updated: 2024-08-03T05:32:57.808Z
Reserved: 2022-03-21T16:03:48.576Z
Link: CVE-2022-27490
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-03-07T17:15:11.793
Modified: 2023-11-07T03:45:20.690
Link: CVE-2022-27490
Redhat
No data.