Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An improper neutralization of special elements used in a template engine vulnerability [CWE-1336] in FortiSOAR management interface 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.4 may allow a remote and authenticated attacker to execute arbitrary code via a crafted payload.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
N/A
Vulnerability Title
Fortinet FortiSOAR 代码注入漏洞
Vulnerability Description
Fortinet FortiSOAR是美国Fortinet的一种安全编排、自动化和响应 (SOAR) 解决方案。 Fortinet FortiSOAR 管理接口存在安全漏洞,该漏洞源于其使用的特殊元素进行不正确的中和,可能允许经过身份验证的远程攻击者通过精心编制的有效载荷执行任意代码。以下版本受到影响:7.2.0版本、7.0.0至7.0.3版本、6.4.0至6.4.4版本。
CVSS Information
N/A
Vulnerability Type
N/A