Description

Fortinet products FortiOS, FortiProxy, FortiSwitchManager are vulnerable to an authentication bypass vulnerability that allows an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.

The flaw affects the following versions:

  • FortiOS version 7.2.0 through 7.2.1
  • FortiOS version 7.0.0 through 7.0.6
  • FortiProxy version 7.2.0
  • FortiProxy version 7.0.0 through 7.0.6
  • FortiSwitchManager version 7.2.0
  • FortiSwitchManager version 7.0.0

    • Remediation

    Please upgrade to FortiOS version 7.2.2 or above
    Please upgrade to FortiOS version 7.0.7 or above
    Please upgrade to FortiProxy version 7.2.1 or above
    Please upgrade to FortiProxy version 7.0.7 or above
    Please upgrade to FortiSwitchManager version 7.2.1 or above

    References

    FortiOS / FortiProxy / FortiSwitchManager - Authentication bypass on administrative interface

    FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass Technical Deep Dive (CVE-2022-40684)

    Related Vulnerabilities

    WordPress Plugin Visual CSS Style Editor Security Bypass (7.1.9)

    WordPress Plugin WooCommerce Remote Code Execution (4.0.1)

    WordPress Cookie Data PHP Code Injection Vulnerability (1.5 - 1.5.1.3)

    WordPress Plugin Stripe For WooCommerce Security Bypass (3.3.9)

    Unauthenticated Remote Code Execution via JSONWS in Liferay 6.1 (LPS-88051)

    Severity

    High

    Classification

    CVE-2022-40684 CWE-288 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:U/RC:C CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

    Tags

    Code Execution Authentication Bypass Insecure Admin Access