First published: Mon Oct 07 2024(Updated: )
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiManager 7.4.2 and below, 7.2.5 and below, 7.0.12 and below allows a remote authenticated attacker assigned to an Administrative Domain (ADOM) to access device summary of unauthorized ADOMs via crafted HTTP requests.
Credit: psirt@fortinet.com
Affected Software | Affected Version | How to fix |
---|---|---|
Fortinet FortiManager | >=7.4.0<=7.4.2 | |
Fortinet FortiManager | >=7.2.0<=7.2.5 | |
Fortinet FortiManager | >=7.0 |
Please upgrade to FortiManager version 7.4.3 or above Please upgrade to FortiManager version 7.2.6 or above
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.