An exposure of resource to wrong sphere vulnerability [CWE-668] in FortiAnalyzer and FortiManager GUI may allow an unauthenticated
and remote attacker to access report template images via referencing the name in the URL path.
FortiManager version 7.0.0 through 7.0.3 FortiManager 6.4 all versions FortiManager 6.2 all versions FortiManager 6.0 all versions FortiManager 5.6 all versions
FortiAnalyzer version 7.0.0 through 7.0.3 FortiAnalyzer 6.4 all versions FortiAnalyzer 6.2 all versions FortiAnalyzer 6.0 all versions FortiAnalyzer 5.6 all versions
Please upgrade to FortiAnalyzer version 7.0.4 or above Please upgrade to FortiAnalyzer version 7.2.0 or above Please upgrade to FortiManager version 7.0.4 or above. Please upgrade to FortiManager version 7.2.0 or above.