Missing Authentication Vulnerability in Fortinet FortiSOAR Products
CVE-2022-42473
5.3MEDIUM
What is CVE-2022-42473?
A vulnerability in Fortinet FortiSOAR across multiple versions allows an attacker to access sensitive information by exploiting a missing authentication mechanism. This flaw enables unauthorized users to log into the database with a privileged account without supplying a password, thus posing a significant risk to the confidentiality and integrity of the system.
Affected Version(s)
Fortinet FortiSOAR FortiSOAR 7.2.0, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.4, 6.4.3, 6.4.1, 6.4.0