An access control vulnerability [CWE-284] in FortiNAC version 9.4.2 and below, version 9.2.7 and below, 9.1 all versions, 8.8 all versions, 8.7 all versions, 8.6 all versions, 8.5 all versions may allow a remote attackerĀ authenticated on the administrative interface to perform unauthorized jsp calls via crafted HTTP requests.
References
Link | Resource |
---|---|
https://fortiguard.com/psirt/FG-IR-22-332 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: fortinet
Published: 2023-06-13T08:41:41.234Z
Updated: 2023-06-13T08:41:41.234Z
Reserved: 2022-09-05T13:11:35.552Z
Link: CVE-2022-39946
JSON object: View
NVD Information
Status : Modified
Published: 2023-06-13T09:15:14.620
Modified: 2023-11-07T03:50:40.760
Link: CVE-2022-39946
JSON object: View
Redhat Information
No data.
CWE