An authentication bypass using an alternate path or channel vulnerability [CWE-288] in FortiOS, FortiProxy and FortiSwitchManager may allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
CPE | Name | Operator | Version |
---|---|---|---|
fortiproxy | eq | 7.2.0 | |
fortiproxy | eq | 7.0.6 | |
fortiproxy | eq | 7.0.5 | |
fortiproxy | eq | 7.0.4 | |
fortiproxy | eq | 7.0.3 | |
fortiproxy | eq | 7.0.2 | |
fortiproxy | eq | 7.0.1 | |
fortiproxy | eq | 7.0.0 | |
fortiswitchmanager | eq | 7.2.0 | |
fortiswitchmanager | eq | 7.0.0 |