Description

Fortinet products FortiOS, FortiProxy, FortiSwitchManager are vulnerable to an authentication bypass vulnerability that allows an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.

The flaw affects the following versions:

  • FortiOS version 7.2.0 through 7.2.1
  • FortiOS version 7.0.0 through 7.0.6
  • FortiProxy version 7.2.0
  • FortiProxy version 7.0.0 through 7.0.6
  • FortiSwitchManager version 7.2.0
  • FortiSwitchManager version 7.0.0

    • Remediation

    Please upgrade to FortiOS version 7.2.2 or above
    Please upgrade to FortiOS version 7.0.7 or above
    Please upgrade to FortiProxy version 7.2.1 or above
    Please upgrade to FortiProxy version 7.0.7 or above
    Please upgrade to FortiSwitchManager version 7.2.1 or above

    References

    FortiOS / FortiProxy / FortiSwitchManager - Authentication bypass on administrative interface

    FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass Technical Deep Dive (CVE-2022-40684)

    Related Vulnerabilities

    WordPress Plugin Analytics Remote Code Execution (1.7)

    WordPress Plugin Profile Builder-User Profile & User Registration Forms Security Bypass (1.1.59)

    Oracle Reports rwservlet vulnerabilities

    WordPress Plugin Secure File Manager Remote Code Execution (2.8.1)

    WordPress Plugin PayPal for WooCommerce Security Bypass (1.5.7)

    Severity

    High

    Classification

    CVE-2022-40684 CWE-288 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

    Tags

    Code Execution Authentication Bypass Insecure Admin Access