A path traversal vulnerability [CWE-23] in the API of FortiWeb 7.0.0 through 7.0.1, 6.3.0 through 6.3.19, 6.4 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions may allow an authenticated attacker to retrieve specific parts of files from the underlying file system via specially crafted web requests.
References
Link | Resource |
---|---|
https://fortiguard.com/psirt/FG-IR-22-146 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: fortinet
Published: 2023-02-16T18:05:34.338Z
Updated: 2023-02-16T18:05:34.338Z
Reserved: 2022-05-06T12:09:27.622Z
Link: CVE-2022-30299
JSON object: View
NVD Information
Status : Modified
Published: 2023-02-16T19:15:12.337
Modified: 2023-11-07T03:47:13.117
Link: CVE-2022-30299
JSON object: View
Redhat Information
No data.