Fortinet: >> Fortianalyzer >> 7.0.6 Security Vulnerabilities
A server-side request forgery (SSRF) vulnerability [CWE-918] in FortiManager and FortiAnalyzer GUI 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.8 through 6.4.11 may allow a remote and authenticated attacker to access unauthorized files and services on the system via specially crafted web requests.
CVSS Score
4.3
EPSS Score
0.002
Published
2023-06-13
An improper input validation vulnerability [CWE-20] in FortiAnalyzer version 7.2.1 and below, version 7.0.6 and below, 6.4 all versions may allow an authenticated attacker to disclose file system information via custom dataset SQL queries.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-04-11
Page 5