CVE-2022-40684

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.

Published: Oct 18, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-40684
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-287
CWE-306

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
fortinet / fortiswitchmanager	7.0.0	7.0.0.x
fortinet / fortiswitchmanager	7.2.0	7.2.0.x
fortinet / fortiproxy	7.2.0	7.2.0.x
fortinet / fortiproxy	7.0.0	7.0.7
fortinet / fortios	7.0.0	7.0.7
fortinet / fortios	7.2.0	7.2.2

http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html
http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html
https://fortiguard.com/psirt/FG-IR-22-377

Vulnerability Database

289,784

CVE-2022-40684