COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2022-40684

CVE-2022-40684

Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2022-10-11
Reference
https://nvd.nist.gov/vuln/detail/CVE-2022-40684
⌖ exploited in the wild shame 80/100 ransomwareexploited-in-wild

Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.

Players implicated

Fortinet · vendorMultiple Products · product

Description

Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.