Lucene search
PRIOn knowledge basePRION:CVE-2022-38378HistoryFeb 16, 2023 - 7:15 p.m.
Privilege escalation
2023-02-1619:15:00
PRIOn knowledge base
www.prio-n.com
4
privilege escalation
vulnerability
fortinet fortios
fortiproxy
admin profile
read write
cli
gui
An improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fortios | ge | 7.2.0 | |
| fortios | lt | 7.2.1 | |
| fortios | ge | 6.0.0 | |
| fortios | lt | 7.0.8 | |
| fortiproxy | ge | 7.2.0 | |
| fortiproxy | lt | 7.2.2 | |
| fortiproxy | ge | 7.0.0 | |
| fortiproxy | lt | 7.0.8 | |
| fortiproxy | ge | 1.1.0 | |
| fortiproxy | le | 2.0.9 |
References
Related
cve
cve
CVE-2022-38378
2023-02-16 19:15:12
cvelist
cvelist
CVE-2022-38378
2023-02-16 18:06:36
nessus
nessus
fortinet
fortinet
Protect
2023-02-16 00:00:00
nvd
nvd
CVE-2022-38378
2023-02-16 19:15:12