Details of VAR-202210-0198

ID

VAR-202210-0198

CVE

CVE-2022-40684

TITLE

Authentication vulnerabilities in multiple Fortinet products

Trust: 0.8

sources: JVNDB: JVNDB-2022-019256

DESCRIPTION

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests. fortinet's FortiProxy , FortiSwitch Manager , FortiOS There is an authentication vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. Fortinet FortiOS has security flaws. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements

Trust: 1.71

sources: NVD: CVE-2022-40684 // JVNDB: JVNDB-2022-019256 // VULHUB: VHN-429172

AFFECTED PRODUCTS

vendor:	fortinet	model:	fortios	scope:	lt	version:	7.2.2	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lt	version:	7.0.7	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	gte	version:	7.2.0	Trust: 1.0
vendor:	fortinet	model:	fortiswitchmanager	scope:	eq	version:	7.2.0	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	lt	version:	7.0.7	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	gte	version:	7.0.0	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	eq	version:	7.2.0	Trust: 1.0
vendor:	fortinet	model:	fortiproxy	scope:	gte	version:	7.0.0	Trust: 1.0
vendor:	fortinet	model:	fortiswitchmanager	scope:	eq	version:	7.0.0	Trust: 1.0
vendor:	フォーティネット	model:	fortios	scope:	eq	version:	7.2.0 that's all 7.2.2	Trust: 0.8
vendor:	フォーティネット	model:	fortiswitch manager	scope:	-	version:	-	Trust: 0.8
vendor:	フォーティネット	model:	fortiproxy	scope:	-	version:	-	Trust: 0.8
vendor:	フォーティネット	model:	fortios	scope:	eq	version:	7.0.0 that's all 7.0.7	Trust: 0.8

sources: JVNDB: JVNDB-2022-019256 // NVD: CVE-2022-40684

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2022-40684
value:	CRITICAL
Trust: 1.8
psirt@fortinet.com:	CVE-2022-40684
value:	CRITICAL
Trust: 1.0
CNNVD:	CNNVD-202210-347
value:	CRITICAL
Trust: 0.6

NVD:
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	CVE-2022-40684
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-019256 // NVD: CVE-2022-40684 // NVD: CVE-2022-40684 // CNNVD: CNNVD-202210-347

PROBLEMTYPE DATA

problemtype:	CWE-287	Trust: 1.0
problemtype:	Inappropriate authentication (CWE-287) [NVD evaluation ]	Trust: 0.8
problemtype:	CWE-306	Trust: 0.1

sources: VULHUB: VHN-429172 // JVNDB: JVNDB-2022-019256 // NVD: CVE-2022-40684

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202210-347

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-202210-347

CONFIGURATIONS

sources: NVD: CVE-2022-40684

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-429172

PATCH

title:

FG-IR-22-377

url:

https://fortiguard.com/psirt/fg-ir-22-377

Trust: 0.8

sources: JVNDB: JVNDB-2022-019256

EXTERNAL IDS

db:	NVD	id:	CVE-2022-40684	Trust: 3.3
db:	PACKETSTORM	id:	169431	Trust: 2.5
db:	PACKETSTORM	id:	171515	Trust: 2.4
db:	JVNDB	id:	JVNDB-2022-019256	Trust: 0.8
db:	CNNVD	id:	CNNVD-202210-347	Trust: 0.7
db:	EXPLOIT-DB	id:	51092	Trust: 0.6
db:	VULHUB	id:	VHN-429172	Trust: 0.1

sources: VULHUB: VHN-429172 // JVNDB: JVNDB-2022-019256 // NVD: CVE-2022-40684 // CNNVD: CNNVD-202210-347

REFERENCES

url:	http://packetstormsecurity.com/files/169431/fortinet-fortios-fortiproxy-fortiswitchmanager-authentication-bypass.html	Trust: 3.1
url:	http://packetstormsecurity.com/files/171515/fortinet-7.2.1-authentication-bypass.html	Trust: 2.4
url:	https://fortiguard.com/psirt/fg-ir-22-377	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2022-40684	Trust: 0.8
url:	https://www.cisa.gov/known-exploited-vulnerabilities-catalog	Trust: 0.8
url:	https://vigilance.fr/vulnerability/fortios-privilege-escalation-39490	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-40684/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/fortinet-fortios-privilege-escalation-via-http-https-administrative-interface-39490	Trust: 0.6
url:	https://www.exploit-db.com/exploits/51092	Trust: 0.6

sources: VULHUB: VHN-429172 // JVNDB: JVNDB-2022-019256 // NVD: CVE-2022-40684 // CNNVD: CNNVD-202210-347

SOURCES

db:	VULHUB	id:	VHN-429172
db:	JVNDB	id:	JVNDB-2022-019256
db:	NVD	id:	CVE-2022-40684
db:	CNNVD	id:	CNNVD-202210-347

LAST UPDATE DATE

2023-12-18T12:54:47.188000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-429172	date:	2022-10-20T00:00:00
db:	JVNDB	id:	JVNDB-2022-019256	date:	2023-10-25T02:51:00
db:	NVD	id:	CVE-2022-40684	date:	2023-08-08T14:22:24.967
db:	CNNVD	id:	CNNVD-202210-347	date:	2023-03-28T00:00:00

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-429172	date:	2022-10-18T00:00:00
db:	JVNDB	id:	JVNDB-2022-019256	date:	2023-10-25T00:00:00
db:	NVD	id:	CVE-2022-40684	date:	2022-10-18T14:15:09.747
db:	CNNVD	id:	CNNVD-202210-347	date:	2022-10-07T00:00:00