Fortinet, a provider of cybersecurity solutions, this week announced the release of security updates for a number of its products, including patches for a serious flaw in FortiPresence.
FortiPresence is a data analytics solution offered as a hosted cloud service or as a virtual machine, for private installations. It provides analytics, heat maps, and reporting. This week, Fortinet disclosed that the FortiPresence infrastructure server contains a critical missing authentication vulnerability that could allow access to Redis and MongoDB instances.
The vulnerability, identified as CVE-2022-41331 (CVSS score of 9.3), can be used by a remote, unauthenticated attacker through carefully crafted authentication requests.
Read More: Fortinet Patches Critical Vulnerability in Data Analytics Solution
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.