Insufficiently Protected Credentials Vulnerability in Fortinet FortiNAC

Insufficiently Protected Credentials Vulnerability in Fortinet FortiNAC

CVE-2022-40678 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An insufficiently protected credentials in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow a local attacker with database access to recover user passwords.

Learn more about our Cis Benchmark Audit For Fortinet.