PT-2022-19397 · Fortinet · Fortisoar
Published
2022-09-06
·
Updated
2022-09-09
·
CVE-2022-29062
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Fortinet FortiSOAR versions prior to 7.2.1
Description
The issue allows an authenticated attacker to write to the underlying filesystem with nginx permissions via crafted HTTP requests, due to multiple relative path traversal vulnerabilities.
Recommendations
For versions prior to 7.2.1, update to version 7.2.1 or later to resolve the issue.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Fortisoar