Skip to main content

CVE-2022-38375

Severity High
Score 9.8/10

Summary

An improper authorization vulnerability [CWE-285]  in Fortinet FortiNAC version 9.4.0 through 9.4.1 and before 9.2.6 allows an unauthenticated user to perform some administrative operations over the FortiNAC instance via crafted HTTP POST requests.

  • LOW
  • NETWORK
  • HIGH
  • UNCHANGED
  • NONE
  • NONE
  • HIGH
  • HIGH

References

Advisory Timeline

  • Published