NVD:CVE-2022-35843
History: Dec 06, 2022 - 5:15 p.m.

CVE-2022-35843

2022-12-06 17:15:10
CWE-284
CWE-287
web.nvd.nist.gov
cve-2022-35843
fortios
fortiproxy
authentication bypass
remote attacker
access-challenge response
radius server

CVSS3: 9.8

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS: 0.002
Percentile: 57.5%

An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and the FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote, unauthenticated attacker to log in to the device by sending a specially crafted Access-Challenge response from the RADIUS server.

Affected configurations

Nvd
Node
fortinet  fortiproxy  Range  1.2.0 - 1.2.13
OR
fortinet  fortiproxy  Range  2.0.0 - 2.0.10
OR
fortinet  fortiproxy  Range  7.0.0 - 7.0.6
OR
fortinet  fortios  Range  6.0.0 - 6.0.15
OR
fortinet  fortios  Range  6.2.0 - 6.2.12
OR
fortinet  fortios  Range  6.4.0 - 6.4.9
OR
fortinet  fortios  Range  7.0.0 - 7.0.7
OR
fortinet  fortios  Match  7.2.0
OR
fortinet  fortios  Match  7.2.1

Vendor    Product     Version  CPE
fortinet  fortiproxy  *        cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*
fortinet  fortios     *        cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
fortinet  fortios     7.2.0    cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*
fortinet  fortios     7.2.1    cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*
