VYPR
Unrated severityNVD Advisory· Published Nov 2, 2022· Updated Oct 22, 2024

CVE-2022-38380

CVE-2022-38380

Description

An improper access control [CWE-284] vulnerability in FortiOS version 7.2.0 and versions 7.0.0 through 7.0.7 may allow a remote authenticated read-only user to modify the interface settings via the API.

Affected products

2
  • Fortinet/Fortiosllm-fuzzy
    Range: >=7.0.0 <=7.0.7, =7.2.0
  • Fortinet/Fortinetcpe-rescue
    Range: FortiOS 7.2.0, 7.0.7, 7.0.6, 7.0.5, 7.0.4, 7.0.3, 7.0.2, 7.0.1, 7.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.