VYPR
Unrated severityNVD Advisory· Published Aug 3, 2022· Updated Oct 22, 2024

CVE-2022-23442

CVE-2022-23442

Description

An improper access control vulnerability [CWE-284] in FortiOS versions 6.2.0 through 6.2.11, 6.4.0 through 6.4.8 and 7.0.0 through 7.0.5 may allow an authenticated attacker with a restricted user profile to gather the checksum information about the other VDOMs via CLI commands.

Affected products

2
  • Fortinet/Fortiosllm-fuzzy
    Range: 6.2.0-6.2.11, 6.4.0-6.4.8, 7.0.0-7.0.5
  • Fortinet/Fortinetcpe-rescue
    Range: FortiOS 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0, 6.4.8, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.11, 6.2.10, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.