A server-side request forgery (SSRF) vulnerability [CWE-918] in FortiManager and FortiAnalyzer GUI 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.8 through 6.4.11 may allow a remote and authenticated attacker to access unauthorized files and services on the system via specially crafted web requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-493 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-06-13T08:41:45.316Z
Updated: 2024-08-02T11:25:19.297Z
Reserved: 2023-02-08T13:42:03.367Z
Link: CVE-2023-25609
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-06-13T09:15:16.227
Modified: 2023-11-07T04:09:04.177
Link: CVE-2023-25609
Redhat
No data.