An insufficiently protected credentials in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow a local attacker with database access to recover user passwords.
References
History

Wed, 23 Oct 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-02-16T18:06:47.487Z

Updated: 2024-10-23T14:46:07.411Z

Reserved: 2022-09-14T13:17:43.617Z

Link: CVE-2022-40678

cve-icon Vulnrichment

Updated: 2024-08-03T12:21:46.598Z

cve-icon NVD

Status : Modified

Published: 2023-02-16T19:15:13.313

Modified: 2024-11-21T07:21:50.310

Link: CVE-2022-40678

cve-icon Redhat

No data.