A server-side request forgery (ssrf) vulnerability [CWE-918] vulnerability in Fortinet FortiSOAR PaaS 7.6.4, FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.4, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5.2, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow an authenticated attacker to discover services running on local ports via crafted requests.
Upgrade to FortiSOAR on-premise version 7.6.5 or above
Upgrade to FortiSOAR on-premise version 7.6.3 or above
Upgrade to upcoming FortiSOAR on-premise version 7.5.3 or above
Upgrade to FortiSOAR PaaS version 7.6.5 or above
Upgrade to FortiSOAR PaaS version 7.6.3 or above
Upgrade to upcoming FortiSOAR PaaS version 7.5.3 or above