Security Advisory

CVE-2022-40684

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-10-18 00:00:00

Last updated 2026-01-12 21:20:08

Assigner fortinet

State PUBLISHED

Description

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.

← Browse all CVEs View on cve.org ↗