CVE-2022-42477 Information

Description

An improper input validation vulnerability [CWE-20] in FortiAnalyzer version 7.2.1 and below version 7.0.6 and below 6.4 all versions may allow an authenticated attacker to disclose file system information via custom dataset SQL queries.

Reference

https://fortiguard.com/psirt/FG-IR-22-432