CVE-2022-38372
published 2022-11-02CVE-2022-38372: A hidden functionality vulnerability [CWE-1242] in FortiTester CLI 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow a local, privileged…
medium6.7CVSS 3.1
AVLACLPRHUINSUCHIHAH
A hidden functionality vulnerability [CWE-1242] in FortiTester CLI 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow a local, privileged user to obtain a root shell on the device via an undocumented command.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinet_fortitester | — | — |
| fortinet | fortitester | — | — |
| fortinet | fortitester | — | — |
| fortinet | fortitester | — | — |
| fortinet | fortitester | 2.3.0 – 3.9.1 | — |
| fortinet | fortitester | 4.0.0 – 4.2.0 | — |