Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A cross-site request forgery (CSRF) in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.0 through 6.2.7, 6.0.x, FortiMail version 7.0.0 through 7.0.3, 6.4.0 through 6.4.6, 6.2.x, 6.0.x FortiRecorder version 6.4.0 through 6.4.2, 6.0.x, 2.7.x, 2.6.x, FortiNDR version 1.x.x allows a remote unauthenticated attacker to execute commands on the CLI via tricking an authenticated administrator to execute malicious GET requests.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Fortinet FortiVoice 安全漏洞
Vulnerability Description
Fortinet FortiSwitch等都是美国飞塔(Fortinet)公司的产品。FortiSwitch是一款交换机产品,Fortinet FortiVoice是tine等都是tine公司的产品。tine是一个团队协作软件。 Fortinet FortiVoiceEnterprise, FortiSwitch, FortiMail, FortiRecorder, FortiNDR 存在安全漏洞,该漏洞源于存在跨站请求伪造。未经身份验证的远程攻击者通过欺骗经过身份验证的管理员执行恶意 GET 请求来在
CVSS Information
N/A
Vulnerability Type
N/A