Description

Fortinet products FortiOS, FortiProxy, FortiSwitchManager are vulnerable to an authentication bypass vulnerability that allows an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.

The flaw affects the following versions:

  • FortiOS version 7.2.0 through 7.2.1
  • FortiOS version 7.0.0 through 7.0.6
  • FortiProxy version 7.2.0
  • FortiProxy version 7.0.0 through 7.0.6
  • FortiSwitchManager version 7.2.0
  • FortiSwitchManager version 7.0.0

    • Remediation

    Please upgrade to FortiOS version 7.2.2 or above
    Please upgrade to FortiOS version 7.0.7 or above
    Please upgrade to FortiProxy version 7.2.1 or above
    Please upgrade to FortiProxy version 7.0.7 or above
    Please upgrade to FortiSwitchManager version 7.2.1 or above

    References

    FortiOS / FortiProxy / FortiSwitchManager - Authentication bypass on administrative interface

    FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass Technical Deep Dive (CVE-2022-40684)

    Related Vulnerabilities

    WordPress Plugin WP to Twitter Security Bypass (3.2.19)

    WordPress Plugin Login No Captcha reCAPTCHA Security Bypass (1.4.1)

    WordPress Plugin WP Maintenance Mode Remote Code Execution (2.0.6)

    WordPress Plugin YITH WooCommerce Questions and Answers Security Bypass (1.1.9)

    WordPress Plugin WooCommerce PDF Vouchers-Ultimate Gift Cards Security Bypass (4.9.3)

    Severity

    High

    Classification

    CVE-2022-40684 CWE-288 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

    Tags

    Code Execution Authentication Bypass Insecure Admin Access