Количество 3
Количество 3
CVE-2023-42782
A insufficient verification of data authenticity vulnerability [CWE-345] in FortiAnalyzer version 7.4.0 and below 7.2.3 allows a remote unauthenticated attacker to send messages to the syslog server of FortiAnalyzer via the knoweldge of an authorized device serial number.
GHSA-g4h5-9rrr-q667
A insufficient verification of data authenticity vulnerability [CWE-345] in FortiAnalyzer version 7.4.0 and below 7.2.3 allows a remote unauthenticated attacker to send messages to the syslog server of FortiAnalyzer via the knoweldge of an authorized device serial number.
BDU:2023-06697
Уязвимость сервера syslog межсетевого экрана FortiAnalyzer , позволяющая нарушителю отправлять произвольные сообщения на сервер
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-42782 A insufficient verification of data authenticity vulnerability [CWE-345] in FortiAnalyzer version 7.4.0 and below 7.2.3 allows a remote unauthenticated attacker to send messages to the syslog server of FortiAnalyzer via the knoweldge of an authorized device serial number. | CVSS3: 5.3 | 0% Низкий | больше 2 лет назад |
| GHSA-g4h5-9rrr-q667 A insufficient verification of data authenticity vulnerability [CWE-345] in FortiAnalyzer version 7.4.0 and below 7.2.3 allows a remote unauthenticated attacker to send messages to the syslog server of FortiAnalyzer via the knoweldge of an authorized device serial number. | CVSS3: 5.3 | 0% Низкий | больше 2 лет назад |
 | BDU:2023-06697 Уязвимость сервера syslog межсетевого экрана FortiAnalyzer , позволяющая нарушителю отправлять произвольные сообщения на сервер | CVSS3: 5.3 | 0% Низкий | больше 2 лет назад |
Уязвимостей на страницу