An improper authorization vulnerability [CWE-285] in Fortinet FortiNAC version 9.4.0 through 9.4.1 and before 9.2.6 allows an unauthenticated user to perform some administrative operations over the FortiNAC instance via crafted HTTP POST requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-329 |
History
Wed, 23 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-02-16T18:06:21.944Z
Updated: 2024-10-23T14:46:49.340Z
Reserved: 2022-08-16T14:17:48.479Z
Link: CVE-2022-38375
Vulnrichment
Updated: 2024-08-03T10:54:03.270Z
NVD
Status : Modified
Published: 2023-02-16T19:15:12.797
Modified: 2024-11-21T07:16:20.970
Link: CVE-2022-38375
Redhat
No data.