SSRF in FortiGuard Outbreak feature Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-22-493 Final 1 1 2023-06-12T00:00:00 Current version 2023-06-12T00:00:00 2023-06-12T00:00:00 A server-side request forgery (SSRF) vulnerability [CWE-918] in FortiManager and FortiAnalyzer GUI may allow a remote and authenticated attacker to access unauthorized files and services on the system via specially crafted web requests. None Information disclosure FortiAnalyzer 7.2.1 FortiAnalyzer 7.2.0 FortiAnalyzer 7.0.6 FortiAnalyzer 7.0.5 FortiAnalyzer 7.0.4 FortiAnalyzer 7.0.3 FortiAnalyzer 7.0.2 FortiAnalyzer 7.0.1 FortiAnalyzer 7.0.0 FortiAnalyzer 6.4.11 FortiAnalyzer 6.4.10 FortiAnalyzer 6.4.9 FortiAnalyzer 6.4.8 FortiManager 7.2.1 FortiManager 7.2.0 FortiManager 7.0.6 FortiManager 7.0.5 FortiManager 7.0.4 FortiManager 7.0.3 FortiManager 7.0.2 FortiManager 7.0.1 FortiManager 7.0.0 FortiManager 6.4.11 FortiManager 6.4.10 FortiManager 6.4.9 FortiManager 6.4.8 CVE-2023-25609 FortiAnalyzer-7.2.1 FortiAnalyzer-7.2.0 FortiAnalyzer-7.0.6 FortiAnalyzer-7.0.5 FortiAnalyzer-7.0.4 FortiAnalyzer-7.0.3 FortiAnalyzer-7.0.2 FortiAnalyzer-7.0.1 FortiAnalyzer-7.0.0 FortiAnalyzer-6.4.11 FortiAnalyzer-6.4.10 FortiAnalyzer-6.4.9 FortiAnalyzer-6.4.8 FortiManager-7.2.1 FortiManager-7.2.0 FortiManager-7.0.6 FortiManager-7.0.5 FortiManager-7.0.4 FortiManager-7.0.3 FortiManager-7.0.2 FortiManager-7.0.1 FortiManager-7.0.0 FortiManager-6.4.11 FortiManager-6.4.10 FortiManager-6.4.9 FortiManager-6.4.8 4.2 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:F/RL:X/RC:C https://fortiguard.fortinet.com/psirt/FG-IR-22-493 SSRF in FortiGuard Outbreak feature Reference>