CVE-2022-41327
CVSS V2 None
CVSS V3 None
Description
A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in order to obtain other adminstrators cookies via diagnose CLI commands.
Overview
- CVE ID
- CVE-2022-41327
- Assigner
- fortinet
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-06-13T08:41:41.742Z
- Last Modified Date
- 2023-06-13T08:41:41.742Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://fortiguard.com/psirt/FG-IR-22-380 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-41327 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41327 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-24 17:29:43 | Added to TrackCVE |