CVE-2022-40684

Description

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.

From the Tenable Blog

CVE-2022-40684: Critical Authentication Bypass in FortiOS and FortiProxy

Published: 2022-10-07

Fortinet has patched a critical authentication bypass in its FortiOS and FortiProxy products that could lead to administrator access.

References

https://www.tenable.com/blog/cve-2023-48788-critical-fortinet-forticlientems-sql-injection-vulnerability

https://www.tenable.com/blog/cve-2024-21762-critical-fortinet-fortios-out-of-bound-write-ssl-vpn-vulnerability

https://www.tenable.com/blog/aa23-215a-2022s-top-routinely-exploited-vulnerabilities

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-215a

https://www.tenable.com/blog/cve-2023-27997-heap-based-buffer-overflow-in-fortinet-fortios-and-fortiproxy-ssl-vpn-xortigate

https://www.tenable.com/cyber-exposure/tenable-2022-threat-landscape-report

https://www.horizon3.ai/attack-research/attack-blogs/fortinet-iocs-cve-2022-40684/

https://www.tenable.com/blog/cve-2022-40684-critical-authentication-bypass-in-fortios-and-fortiproxy

https://fortiguard.com/psirt/FG-IR-22-377

http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html

http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3