CVE-2022-27490 Information

Description

A exposure of sensitive information to an unauthorized actor in Fortinet FortiManager version 6.0.0 through 6.0.4 FortiAnalyzer version 6.0.0 through 6.0.4 FortiPortal version 6.0.0 through 6.0.9 5.3.0 through 5.3.8 5.2.x 5.1.0 5.0.x 4.2.x 4.1.x FortiSwitch version 7.0.0 through 7.0.4 6.4.0 through 6.4.10 6.2.x 6.0.x allows an attacker which has obtained access to a restricted administrative account to obtain sensitive information via diagnose debug commands.

Reference

https://fortiguard.com/psirt/FG-IR-18-232