CVE-2023-26203
published 2023-05-03CVE-2023-26203: A use of hard-coded credentials vulnerability [CWE-798] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
A use of hard-coded credentials vulnerability [CWE-798] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions may allow an authenticated attacker to access to the database via shell commands.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinac | — | — |
| fortinet | fortinac | — | — |
| fortinet | fortinac | 8.7.0 – 9.2.7 | — |
| fortinet | fortinac | 8.8.0 – 8.8.11 | — |
| fortinet | fortinac | 9.1.0 – 9.1.9 | — |
| fortinet | fortinac | 9.2.0 – 9.2.7 | — |
| fortinet | fortinac | >= 9.4.0 < 9.4.3 | 9.4.3 |
| fortinet | fortinac | 9.4.0 – 9.4.1 | — |
| fortinet | fortinac-f | — | — |
| fortinet | fortinac-f | — | — |