HTTP: Fortinet Authentication Bypass

This signature detects attempts to exploit a known vulnerability against Fortinet. A successful attack can lead to security bypass.

Extended Description

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.

Affected Products

Fortinet fortiproxy

References

CVE: CVE-2022-40684

Short Name
HTTP:CTS:FORTINET-AUTH-BYPS
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Authentication Bypass CVE-2022-40684 Fortinet
Release Date
05/23/2023
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3771
False Positive
Unknown
Vendors

Fortinet

Found a potential security threat?