Описание
An improper control of generation of code ('Code Injection') vulnerability [CWE-94] in FortiSOAR Connector FortiSOAR 7.4 all versions, 7.3 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an authenticated attacker to execute arbitrary code on the host via a playbook code snippet.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 6.4.0 (включая) до 7.4.5 (включая)
cpe:2.3:a:fortinet:fortisoar:*:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00233
Низкий
8.4 High
CVSS3
Дефекты
CWE-94
Связанные уязвимости
CVSS3: 8.4
github
11 месяцев назад
An improper control of generation of code ('Code Injection') vulnerability [CWE-94] in FortiSOAR Connector FortiSOAR 7.4 all versions, 7.3 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an authenticated attacker to execute arbitrary code on the host via a playbook code snippet.
EPSS
Процентиль: 46%
0.00233
Низкий
8.4 High
CVSS3
Дефекты
CWE-94