A improper handling of insufficient permissions or privileges in Fortinet FortiAnalyzer version 5.6.0 through 5.6.11, FortiAnalyzer version 6.0.0 through 6.0.11, FortiAnalyzer version 6.2.0 through 6.2.9, FortiAnalyzer version 6.4.0 through 6.4.7, FortiAnalyzer version 7.0.0 through 7 .0.2, FortiManager version 5.6.0 through 5.6.11, FortiManager version 6.0.0 through 6.0.11, FortiManager version 6.2.0 through 6.2.9, FortiManager version 6.4.0 through 6.4.7, FortiManager version 7.0.0 through 7.0.2 allows attacker to bypass the device policy and force the password-change action for its user.
References
History

Tue, 22 Oct 2024 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2022-03-01T18:25:16

Updated: 2024-10-22T21:01:00.396Z

Reserved: 2022-01-03T00:00:00

Link: CVE-2022-22300

cve-icon Vulnrichment

Updated: 2024-08-03T03:07:50.395Z

cve-icon NVD

Status : Modified

Published: 2022-03-01T19:15:08.590

Modified: 2024-11-21T06:46:35.730

Link: CVE-2022-22300

cve-icon Redhat

No data.