CVE-2022-43951
published 2023-04-11CVE-2022-43951: An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and below, 8.7.6 and below may allow an unauthenticated attacker to access sensitive information via crafted HTTP requests.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinac | — | — |
| fortinet | fortinac | 8.7.0 – 9.2.7 | — |
| fortinet | fortinac | 8.8.0 – 8.8.11 | — |
| fortinet | fortinac | 9.1.0 – 9.1.9 | — |
| fortinet | fortinac | 9.2.0 – 9.2.7 | — |
| fortinet | fortinac | >= 9.4.0 < 9.4.2 | 9.4.2 |
| fortinet | fortinac | 9.4.0 – 9.4.1 | — |
| fortinet | fortinac-f | < 7.2.0 | 7.2.0 |
| fortinet | fortinac-f | — | — |