CVE-2023-25609
13.06.2023, 09:15
A server-side request forgery (SSRF) vulnerability[CWE-918] inFortiManager and FortiAnalyzer GUI 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.8 through 6.4.11 may allow a remote and authenticated attacker to access unauthorized files and services on the system via specially crafted web requests.
| Vendor | Product | Version |
|---|---|---|
| fortinet | fortianalyzer | 6.4.8 ≤ 𝑥 ≤ 6.4.11 |
| fortinet | fortianalyzer | 7.0.0 ≤ 𝑥 ≤ 7.0.6 |
| fortinet | fortianalyzer | 7.2.0 |
| fortinet | fortianalyzer | 7.2.1 |
| fortinet | fortimanager | 6.4.8 ≤ 𝑥 ≤ 6.4.11 |
| fortinet | fortimanager | 7.0.0 ≤ 𝑥 ≤ 7.0.6 |
| fortinet | fortimanager | 7.2.0 |
| fortinet | fortimanager | 7.2.1 |
𝑥
= Vulnerable software versions