CVE-2022-40684 - Fortinet Multiple Products Authentication Bypass Vulnerability
CVE-2022-40684
Fortinet | Multiple Products
- Date Added:
- 2022-10-11
- Due Date:
- 2022-11-01
- Vulnerability Name
Fortinet Multiple Products Authentication Bypass Vulnerability
- Description
Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
- Known To Be Used in Ransomware Campaigns?
Known
- Action
Apply updates per vendor instructions.
- Additional Notes
- https://www.fortiguard.com/psirt/FG-IR-22-377; https://nvd.nist.gov/vuln/detail/CVE-2022-40684
Free security scan for your website