A path traversal vulnerability [CWE-23] in the API of FortiWeb 7.0.0 through 7.0.1, 6.3.0 through 6.3.19, 6.4 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions may allow an authenticated attacker to retrieve specific parts of files from the underlying file system via specially crafted web requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-146 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-02-16T18:05:34.338Z
Updated: 2024-08-03T06:48:35.681Z
Reserved: 2022-05-06T12:09:27.622Z
Link: CVE-2022-30299
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-02-16T19:15:12.337
Modified: 2023-11-07T03:47:13.117
Link: CVE-2022-30299
Redhat
No data.