vulnerability
Fortinet FortiOS: Cleartext Transmission of Sensitive Information (CVE-2022-41327)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
4 | (AV:L/AC:L/Au:M/C:C/I:N/A:N) | Jun 13, 2023 | Jun 19, 2023 | Jan 28, 2025 |
Severity
4
CVSS
(AV:L/AC:L/Au:M/C:C/I:N/A:N)
Published
Jun 13, 2023
Added
Jun 19, 2023
Modified
Jan 28, 2025
Description
A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in order to obtain other adminstrators cookies via diagnose CLI commands.
Solution
fortios-upgrade-latest

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.