cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-42473,https://securityvulnerability.io/vulnerability/CVE-2022-42473,,A missing authentication for a critical function vulnerability in Fortinet FortiSOAR 6.4.0 - 6.4.4 and 7.0.0 - 7.0.3 and 7.2.0 allows an attacker to disclose information via logging into the database using a privileged account without a password.,Fortinet,Fortinet Fortisoar,5.3,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2022-11-02T00:00:00.000Z,0
CVE-2022-29061,https://securityvulnerability.io/vulnerability/CVE-2022-29061,,An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSOAR before 7.2.1 allows an authenticated attacker to execute unauthorized code or commands via crafted HTTP GET requests.,Fortinet,Fortinet Fortisoar,7.2,HIGH,0.0014799999771639705,false,false,false,false,,false,false,2022-09-09T06:55:08.000Z,0
CVE-2022-35847,https://securityvulnerability.io/vulnerability/CVE-2022-35847,,"An improper neutralization of special elements used in a template engine vulnerability [CWE-1336] in FortiSOAR management interface 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.4 may allow a remote and authenticated attacker to execute arbitrary code via a crafted payload.",Fortinet,Fortinet Fortisoar,6.3,MEDIUM,0.001120000029914081,false,false,false,false,,false,false,2022-09-06T15:15:28.000Z,0
CVE-2022-30298,https://securityvulnerability.io/vulnerability/CVE-2022-30298,,"An improper privilege management vulnerability [CWE-269] in Fortinet FortiSOAR before 7.2.1 allows a GUI user who has already found a way to modify system files (via another, unrelated and hypothetical exploit) to execute arbitrary Python commands as root.",Fortinet,Fortinet Fortisoar,7,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2022-09-06T15:10:29.000Z,0
CVE-2022-29062,https://securityvulnerability.io/vulnerability/CVE-2022-29062,,Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiSOAR before 7.2.1 allows an authenticated attacker to write to the underlying filesystem with nginx permissions via crafted HTTP requests.,Fortinet,Fortinet Fortisoar,6.3,MEDIUM,0.000859999970998615,false,false,false,false,,false,false,2022-09-06T15:10:24.000Z,0
CVE-2022-23443,https://securityvulnerability.io/vulnerability/CVE-2022-23443,,An improper access control in Fortinet FortiSOAR before 7.2.0 allows unauthenticated attackers to access gateway API data via crafted HTTP GET requests.,Fortinet,Fortinet Fortisoar,7.5,HIGH,0.0027099999133497477,false,false,false,false,,false,false,2022-05-04T15:25:21.000Z,0