CVE-2022-35843

Summary

An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiOS7.2.0affected
FortinetFortiOS7.0.0 <= 7.0.6affected
FortinetFortiOS6.4.0 <= 6.4.9affected
FortinetFortiOS6.2.0 <= 6.2.12affected
FortinetFortiOS6.0.0 <= 6.0.15affected
FortinetFortiOS6.2.0 < 6.2.*affected
FortinetFortiOS6.0.0 < 6.0.*affected
FortinetFortiProxy7.0.0 <= 7.0.5affected
FortinetFortiProxy2.0.0 <= 2.0.10affected
FortinetFortiProxy1.2.0 <= 1.2.13affected

Weaknesses

  • CWE-284: Improper access control

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References