FortiSOAR PaaS Vulnerability

MEDIUM (6.5) Patch Available

Threat Intelligence

Low Risk
EPSS Score: 0.04% chance of exploitation (percentile: 12%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: No public exploits found


What is it?

FortiSOAR is a cloud-based platform for managing and automating security operations. This vulnerability lets an authenticated attacker access sensitive information by sending crafted requests. The risk is significant because it can lead to unauthorized disclosure of employee data, payroll records, and system configurations.

Am I affected?

You're affected if you run FortiSOAR PaaS version 7.5.1 or 7.6.2, which contain an improper access control vulnerability. If you don't recognise this software, you're probably not affected.

Affected Products

Fortinet / FortiSOAR PaaS

How to fix

To fix this vulnerability, upgrade to the following fixed version:
- FortiSOAR PaaS: 7.6.3 or above (available on the Fortinet website)

Immediate mitigations until you can upgrade:
- Restrict network access to your FortiSOAR instance (firewall it from the public internet)
- Audit admin account activity for suspicious access patterns
- Monitor for unauthorized token creation
