A improper handling of insufficient permissions or privileges in Fortinet FortiAnalyzer version 5.6.0 through 5.6.11, FortiAnalyzer version 6.0.0 through 6.0.11, FortiAnalyzer version 6.2.0 through 6.2.9, FortiAnalyzer version 6.4.0 through 6.4.7, FortiAnalyzer version 7.0.0 through 7 .0.2, FortiManager version 5.6.0 through 5.6.11, FortiManager version 6.0.0 through 6.0.11, FortiManager version 6.2.0 through 6.2.9, FortiManager version 6.4.0 through 6.4.7, FortiManager version 7.0.0 through 7.0.2 allows attacker to bypass the device policy and force the password-change action for its user.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-21-255 |
History
Tue, 22 Oct 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2022-03-01T18:25:16
Updated: 2024-10-22T21:01:00.396Z
Reserved: 2022-01-03T00:00:00
Link: CVE-2022-22300
Vulnrichment
Updated: 2024-08-03T03:07:50.395Z
NVD
Status : Modified
Published: 2022-03-01T19:15:08.590
Modified: 2024-11-21T06:46:35.730
Link: CVE-2022-22300
Redhat
No data.