A cross-site request forgery (CSRF) in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.0 through 6.2.7, 6.0.x, FortiMail version 7.0.0 through 7.0.3, 6.4.0 through 6.4.6, 6.2.x, 6.0.x FortiRecorder version 6.4.0 through 6.4.2, 6.0.x, 2.7.x, 2.6.x, FortiNDR version 1.x.x allows a remote unauthenticated attacker to execute commands on the CLI via tricking an authenticated administrator to execute malicious GET requests.
References
Link | Resource |
---|---|
https://fortiguard.com/psirt/FG-IR-22-038 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: fortinet
Published: 2023-12-13T06:39:42.998Z
Updated: 2023-12-13T06:39:42.998Z
Reserved: 2022-03-21T16:03:48.575Z
Link: CVE-2022-27488
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-13T07:15:10.910
Modified: 2024-01-18T15:48:06.043
Link: CVE-2022-27488
JSON object: View
Redhat Information
No data.
CWE