How severe is CVE-2022-38375?

CVE-2022-38375 has a CVSS v3 score of 9.1 (CRITICAL).

CVE-2022-38375

Name: fortinac-f
Author: fortinet

9.1CRITICAL

An improper authorization vulnerability [CWE-285] in Fortinet FortiNAC version 9.4.0 through 9.4.1 and before 9.2.6 allows an unauthenticated user to perform some administrative operations over the F

Published: 2/16/2023Updated: 11/21/2024

Description

An improper authorization vulnerability [CWE-285] in Fortinet FortiNAC version 9.4.0 through 9.4.1 and before 9.2.6 allows an unauthenticated user to perform some administrative operations over the FortiNAC instance via crafted HTTP POST requests.

AI AnalysisPowered by AI

Affected Products

fortinetfortinac

fortinetfortinac-f

References

https://fortiguard.com/psirt/FG-IR-22-329
Vendor Advisory
https://fortiguard.com/psirt/FG-IR-22-329
Vendor Advisory