CVE-2022-41331 Information

Description

A missing authentication for critical function vulnerability [CWE-306] in FortiPresence infrastructure server before version 1.2.1 allows a remote unauthenticated attacker to access the Redis and MongoDB instances via crafted authentication requests.

Reference

https://fortiguard.com/psirt/FG-IR-22-355