Early Access — Mondoo Vulnerability Intelligence is currently in preview.
An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to inject unauthorized sessions via crafted FGSP session synchronization packets.
7.6.0Exploitability
AV:AAC:HPR:NUI:NScope
S:UImpact
C:NI:LA:N3.1/CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:NOther