| IR Number | FG-IR-22-409 |
| Date | Apr 11, 2023 |
| Severity |
Medium |
| CVSSv3 Score | 4.8 |
| Impact | Information disclosure |
| CVE ID | CVE-2022-43951 |
| Affected Products |
FortiNAC
:
9.4.1, 9.4.0, 9.2.8, 9.2.7, 9.2.6, 9.2.5, 9.2.4, 9.2.3, 9.2.2, 9.2.1, 9.2.0, 9.1.9, 9.1.8, 9.1.7, 9.1.6, 9.1.5, 9.1.4, 9.1.3, 9.1.2, 9.1.10, 9.1.1, 9.1.0, 8.8.9, 8.8.8, 8.8.7, 8.8.6, 8.8.5, 8.8.4, 8.8.3, 8.8.2, 8.8.11, 8.8.10, 8.8.1, 8.8.0, 8.7.6, 8.7.5, 8.7.4, 8.7.3, 8.7.2, 8.7.1, 8.7.0
|
| CVRF | Download |
Refine Search
PSIRT Advisories
FortiNAC - Report disclosure to unauthenticated users
Summary
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiNAC may allow an unauthenticated attacker to access sensitive information via crafted HTTP requests.
Affected Products
At leastFortiNAC version 9.4.0 through 9.4.1
FortiNAC 9.2 all versions
FortiNAC 9.1 all versions
FortiNAC 8.8 all versions
FortiNAC 8.7 all versions
Solutions
Please upgrade to FortiNAC-F version 7.2.0 or above
Please upgrade to FortiNAC version 9.4.2 or above