An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiOS version 7.2.0 through 7.2.3 and 7.0.0 through 7.0.9 allows an unauthenticated attackers to obtain sensitive logging informations on the device via crafted HTTP GET requests.
References
History

Wed, 23 Oct 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-03-07T16:22:02.418Z

Updated: 2024-10-23T14:31:07.124Z

Reserved: 2022-09-23T15:07:35.781Z

Link: CVE-2022-41329

cve-icon Vulnrichment

Updated: 2024-08-03T12:42:46.191Z

cve-icon NVD

Status : Modified

Published: 2023-03-07T17:15:12.163

Modified: 2023-11-07T03:52:47.013

Link: CVE-2022-41329

cve-icon Redhat

No data.