How severe is CVE-2022-45862?

CVE-2022-45862 has a CVSS v3 score of 3.7 (LOW).

CVE-2022-45862

Name: fortipam
Author: fortinet

3.7LOW

An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; FortiPAM 1.3 all

Published: 8/13/2024Updated: 8/22/2024

Description

An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; FortiPAM 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions; FortiSwitchManager 7.2.1 and below, 7.0 all versions GUI may allow attackers to re-use websessions after GUI logout, should they manage to acquire the required credentials.

AI AnalysisPowered by AI

Affected Products

fortinetfortiproxy

fortinetfortiswitchmanager

fortinetfortios

fortinetfortipam

References

https://fortiguard.com/psirt/FG-IR-22-445
Vendor Advisory