FortiOS, FortiProxy and FortiSwitchManager - Authentication Bypass (CVE-2022-40684)
- Severity
- CVSSv3 Score
- 9.6
- Vulnerability description
FortiOS, FortiProxy, and FortiSwitchManager are affected by an Authentication Bypass vulnerability that can lead to adding an SSH key of an existing user and gaining access to the server for an unauthorized user. The root cause of this vulnerability consists in exposing a web interface that could allow an unauthenticated user to change server configurations.
- Risk description
The risk exists that a remote unauthenticated attacker can fully compromise the server in order to steal confidential information, install ransomware, or pivot to the internal network.
- Exploit capabilities
Sniper can extract custom artefacts as evidence from the target system.
- Recommendation
Upgrade the FortiOS, FortiProxy or FortiSwitchManager to the latest version.
- Codename
- Not available
- Detectable with
- Network Scanner
- Exploitable with Sniper
- Yes
- Vuln date
- Oct 2022
- Published at
- Updated at
- Software Type
- Firewall
- Vendor
- Fortinet
- Product
- FortiOS, FortiProxy and FortiSwitchManager