Access Control Vulnerability in Fortinet FortiNAC Product
CVE-2022-39946
7.2HIGH
What is CVE-2022-39946?
An access control vulnerability in Fortinet's FortiNAC product allows an authenticated remote attacker on the administrative interface to execute unauthorized JSP calls through specially crafted HTTP requests. This could potentially compromise the integrity of the system and allow unauthorized operations. The vulnerability affects multiple versions of FortiNAC, necessitating prompt attention from users to mitigate associated risks.
Affected Version(s)
FortiNAC 9.4.0 <= 9.4.1
FortiNAC 9.2.0 <= 9.2.6
FortiNAC 9.1.0 <= 9.1.10