HomePentest-Tools.com Logo

FortiOS, FortiProxy and FortiSwitchManager - Authentication Bypass (CVE-2022-40684)

Severity
CVSSv3 Score
9.6
Vulnerability description

FortiOS, FortiProxy, and FortiSwitchManager are affected by an Authentication Bypass vulnerability that can lead to adding an SSH key of an existing user and gaining access to the server for an unauthorized user. The root cause of this vulnerability consists in exposing a web interface that could allow an unauthenticated user to change server configurations.

Risk description

The risk exists that a remote unauthenticated attacker can fully compromise the server in order to steal confidential information, install ransomware, or pivot to the internal network.

Exploit capabilities

Sniper can extract custom artefacts as evidence from the target system.

Recommendation

Upgrade the FortiOS, FortiProxy or FortiSwitchManager to the latest version.

Codename
Not available
Detectable with
Network Scanner
Exploitable with Sniper
Yes
Vuln date
Oct 2022
Published at
Updated at
Software Type
Firewall
Vendor
Fortinet
Product
FortiOS, FortiProxy and FortiSwitchManager