VYPR
Unrated severityNVD Advisory· Published Jun 13, 2023· Updated Oct 22, 2024

CVE-2022-39946

CVE-2022-39946

Description

An access control vulnerability [CWE-284] in FortiNAC version 9.4.2 and below, version 9.2.7 and below, 9.1 all versions, 8.8 all versions, 8.7 all versions, 8.6 all versions, 8.5 all versions may allow a remote attacker authenticated on the administrative interface to perform unauthorized jsp calls via crafted HTTP requests.

Affected products

2
  • Fortinet/Fortinac Fllm-fuzzy2 versions
    <= 9.4.2, <= 9.2.7, <= 9.1 all versions, <= 8.8 all versions, <= 8.7 all versions, <= 8.6 all versions, <= 8.5 all versions+ 1 more
    • (no CPE)range: <= 9.4.2, <= 9.2.7, <= 9.1 all versions, <= 8.8 all versions, <= 8.7 all versions, <= 8.6 all versions, <= 8.5 all versions
    • (no CPE)range: 9.4.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.