A missing authentication for critical function [CWE-306] vulnerabilty in FortiSOAR's Postgres database may allow a local attacker to access sensitive information via logging into the database using a privileged account without a password.
Affected ProductsFortiSOAR version 7.2.0 through 7.2.2
FortiSOAR version 7.0.0 through 7.0.3
FortiSOAR version 6.4.0 through 6.4.4
Please upgrade to upcoming FortiSOAR version 7.3.0 or above