VYPR
Unrated severityNVD Advisory· Published Apr 11, 2023· Updated Oct 22, 2024

CVE-2022-43947

CVE-2022-43947

Description

An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiOS version 7.2.0 through 7.2.3 and before 7.0.10, FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 administrative interface allows an attacker with a valid user account to perform brute-force attacks on other user accounts via injecting valid login sessions.

Affected products

4
  • Fortinet/Fortiproxyllm-fuzzy2 versions
    >=7.2.0, <=7.2.2 || <7.0.8+ 1 more
    • (no CPE)range: >=7.2.0, <=7.2.2 || <7.0.8
    • (no CPE)range: 7.2.0
  • Fortinet/Fortiosllm-fuzzy2 versions
    >=7.2.0, <=7.2.3 || <7.0.10+ 1 more
    • (no CPE)range: >=7.2.0, <=7.2.3 || <7.0.10
    • (no CPE)range: 7.2.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.