logo

CVE-2022-40684 - Fortinet Multiple Products Authentication Bypass Vulnerability

CVE-2022-40684

Fortinet | Multiple Products

  • Date Added:
  • 2022-10-11
  • Due Date:
  • 2022-11-01
Vulnerability Name

Fortinet Multiple Products Authentication Bypass Vulnerability

Description

Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply updates per vendor instructions.

Additional Notes
https://www.fortiguard.com/psirt/FG-IR-22-377; https://nvd.nist.gov/vuln/detail/CVE-2022-40684

Free security scan for your website