An improper access control in Fortinet FortiSOAR before 7.2.0 allows unauthenticated attackers to access gateway API data via crafted HTTP GET requests.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Fortisoar | Fortinet | 6.4.0 (including) | 6.4.4 (including) |
Fortisoar | Fortinet | 7.0.0 (including) | 7.0.2 (including) |
Fortisoar | Fortinet | 6.0.0 (including) | 6.0.0 (including) |