Unrated severityNVD Advisory· Published Jun 13, 2023· Updated Oct 22, 2024
CVE-2022-39946
CVE-2022-39946
Description
An access control vulnerability [CWE-284] in FortiNAC version 9.4.2 and below, version 9.2.7 and below, 9.1 all versions, 8.8 all versions, 8.7 all versions, 8.6 all versions, 8.5 all versions may allow a remote attacker authenticated on the administrative interface to perform unauthorized jsp calls via crafted HTTP requests.
Affected products
2<= 9.4.2, <= 9.2.7, <= 9.1 all versions, <= 8.8 all versions, <= 8.7 all versions, <= 8.6 all versions, <= 8.5 all versions+ 1 more
- (no CPE)range: <= 9.4.2, <= 9.2.7, <= 9.1 all versions, <= 8.8 all versions, <= 8.7 all versions, <= 8.6 all versions, <= 8.5 all versions
- (no CPE)range: 9.4.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.