Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An Insufficient Verification of Data Authenticity vulnerability in FortiManager 6.2.1, 6.2.0, 6.0.6 and below may allow an unauthenticated attacker to perform a Cross-Site WebSocket Hijacking (CSWSH) attack.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Fortinet FortiManager 数据伪造问题漏洞
Vulnerability Description
Fortinet FortiManager是美国飞塔(Fortinet)公司的一套集中化网络安全管理平台。该平台支持集中管理任意数量的Fortinet设备,并能够将设备分组到不同的管理域(ADOM)进一步简化多设备安全部署与管理。 Fortinet FortiManager 6.2.0至6.2.1版本和6.0.6及之前版本中存在安全漏洞。攻击者可利用该漏洞进行跨站WebSocket劫持攻击。
CVSS Information
N/A
Vulnerability Type
N/A