8 matches found
CVE-2022-35843
An authentication bypass by assumed-immutable data vulnerability CWE-302 in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allo...
Fortinet Fortigate SSH authentication bypass when RADIUS authentication is used (FG-IR-22-255)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-255 advisory. - An authentication bypass by assumed-immutable data vulnerability CWE-302 in the FortiOS SSH login component 7.2.0, 7.0.0...
CVE-2022-35843
creationtimestamp| type| source ---|---|--- 2022-12-06 20:41:00+00:00| seen| https://t.me/cibsecurity/54081...
CVE-2022-35843
An authentication bypass by assumed-immutable data vulnerability CWE-302 in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allo...
CVE-2022-35843
An authentication bypass by assumed-immutable data vulnerability CWE-302 in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allo...
CVE-2022-35843
CVE-2022-35843 affects FortiOS SSH login component (and FortiProxy SSH) across multiple versions, allowing remote, unauthenticated login via a crafted Access-Challenge response from RADIUS. Affected: FortiOS 6.0–7.2.0 and 6.2–6.4.9; FortiProxy 1.2.0–2.0.10 and 7.0.0–7.0.5. Root cause described as...
CVE-2022-35843
An authentication bypass by assumed-immutable data vulnerability CWE-302 in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allo...
CVE-2022-35843
An authentication bypass by assumed-immutable data vulnerability CWE-302 in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allo...