Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A concurrent execution using shared resource with improper synchronization ('Race Condition') vulnerability [CWE-362] in Fortinet FortiAnalyzer version 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10 and before 7.0.13 allows an attacker to attempt to win a race condition to bypass the FortiCloud SSO authorization via crafted FortiCloud SSO requests.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
Vulnerability Type
使用共享资源的并发执行不恰当同步问题(竞争条件)
Vulnerability Title
Fortinet FortiAnalyzer 竞争条件问题漏洞
Vulnerability Description
Fortinet FortiAnalyzer是美国飞塔(Fortinet)公司的一套集中式网络安全报告解决方案。该产品主要用于收集网络日志数据,并通过报告套件对日志中的安全事件、网络流量、Web内容等进行分析、报告、归档操作。 Fortinet FortiAnalyzer存在竞争条件问题漏洞,该漏洞源于共享资源同步不当,可能导致竞争条件攻击。以下版本受到影响:7.6.0版本至7.6.2版本、7.4.0版本至7.4.6版本、7.2.0版本至7.2.10版本和7.0.13之前版本。
CVSS Information
N/A
Vulnerability Type
N/A