An access control vulnerability [CWE-284] in FortiNAC version 9.4.2 and below, version 9.2.7 and below, 9.1 all versions, 8.8 all versions, 8.7 all versions, 8.6 all versions, 8.5 all versions may allow a remote attackerĀ authenticated on the administrative interface to perform unauthorized jsp calls via crafted HTTP requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-332 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-06-13T08:41:41.234Z
Updated: 2024-08-03T12:07:42.979Z
Reserved: 2022-09-05T13:11:35.552Z
Link: CVE-2022-39946
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-06-13T09:15:14.620
Modified: 2023-11-07T03:50:40.760
Link: CVE-2022-39946
Redhat
No data.