A improper handling of insufficient permissions or privileges in Fortinet FortiAnalyzer version 5.6.0 through 5.6.11, FortiAnalyzer version 6.0.0 through 6.0.11, FortiAnalyzer version 6.2.0 through 6.2.9, FortiAnalyzer version 6.4.0 through 6.4.7, FortiAnalyzer version 7.0.0 through 7 .0.2, FortiManager version 5.6.0 through 5.6.11, FortiManager version 6.0.0 through 6.0.11, FortiManager version 6.2.0 through 6.2.9, FortiManager version 6.4.0 through 6.4.7, FortiManager version 7.0.0 through 7.0.2 allows attacker to bypass the device policy and force the password-change action for its user.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-21-255 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2022-03-01T18:25:16
Updated: 2024-08-03T03:07:50.395Z
Reserved: 2022-01-03T00:00:00
Link: CVE-2022-22300
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-03-01T19:15:08.590
Modified: 2023-08-08T14:21:49.707
Link: CVE-2022-22300
Redhat
No data.