A exposure of sensitive information to an unauthorized actor in Fortinet FortiManager version 6.0.0 through 6.0.4, FortiAnalyzer version 6.0.0 through 6.0.4, FortiPortal version 6.0.0 through 6.0.9, 5.3.0 through 5.3.8, 5.2.x, 5.1.0, 5.0.x, 4.2.x, 4.1.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.x, 6.0.x allows an attacker which has obtained access to a restricted administrative account to obtain sensitive information via `diagnose debug` commands.
References
| Link | Resource |
|---|---|
| https://fortiguard.com/psirt/FG-IR-18-232 | Vendor Advisory |
| https://fortiguard.com/psirt/FG-IR-18-232 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 06:55
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://fortiguard.com/psirt/FG-IR-18-232 - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
Information
Published : 2023-03-07 17:15
Updated : 2024-11-21 06:55
NVD link : CVE-2022-27490
Mitre link : CVE-2022-27490
CVE.ORG link : CVE-2022-27490
JSON object : View
Products Affected
fortinet
- fortimanager
- fortiportal
- fortianalyzer
- fortiswitch
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor