PT-2022-27642 · Hillstone · Hillstone Firewall Sg-6000
Yinfei6 · Published 2022-12-27 · Updated 2023-08-08 · CVE-2022-45778
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Hillstone Firewall SG-6000 versions 5.0.4.0 and earlier
Description
The issue is related to incorrect access control, allowing an attacker to bypass permissions and gain super administrator privileges in the background of the firewall. This is due to a configuration error in the report module.
Recommendations
For Hillstone Firewall SG-6000 versions 5.0.4.0 and earlier, update to a version later than 5.0.4.0 to resolve the issue. As a temporary workaround, consider restricting access to the report module to minimize the risk of exploitation.
Fix
Improper Access Control
Weakness Enumeration
Related Identifiers
Affected Products
Hillstone Firewall SG-6000