A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.11, FortiProxy version 7.2.0 through 7.2.2 and 7.0.0 through 7.0.8 allows privileged VDOM administrators to escalate their privileges to super admin of the box via crafted CLI requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-401 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-03-07T16:21:53.725Z
Updated: 2024-08-03T13:10:40.836Z
Reserved: 2022-10-07T14:05:36.301Z
Link: CVE-2022-42476
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-03-07T17:15:12.303
Modified: 2023-11-07T03:53:22.927
Link: CVE-2022-42476
Redhat
No data.