漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] vulnerability in Fortinet FortiSOAR Agent Communication Bridge 1.1.0, FortiSOAR Agent Communication Bridge 1.0 all versions may allow an unauthenticated attacker to read files accessible to the fortisoar user on a system where the agent is deployed, via sending a crafted request to the agent port.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Fortinet FortiSOAR Agent Communication Bridge 路径遍历漏洞
Vulnerability Description
Fortinet FortiSOAR Agent Communication Bridge是美国飞塔(Fortinet)公司的一个自动化平台的代理通信组件。 Fortinet FortiSOAR Agent Communication Bridge 1.1.0版本和1.0所有版本存在路径遍历漏洞,该漏洞源于路径名限制不当,可能导致未经身份验证的攻击者通过向代理端口发送特制请求读取部署代理系统上fortisoar用户可访问的文件。
CVSS Information
N/A
Vulnerability Type
N/A