===================================================================== CERT-Renater Note d'Information No. 2021/VULN104 ____________________________________________________________________ DATE : 02/03/2022 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S) : Systems running FortiAnalyzer, FortiManager versions prior to 7.0.3. ===================================================================== https://www.fortiguard.com/psirt/FG-IR-21-255 _____________________________________________________________________ IR Number FG-IR-21-255 Date Mar 1, 2022 CVSSv3 Score 3.9 Impact Execute unauthorized code or commands CVE ID CVE-2022-22300 Affected Products FortiAnalyzer: 7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.11, 6.0.10, 6.0.1, 6.0.0, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.11, 5.6.10, 5.6.1, 5.6.0 FortiManager: 7.0.2, 7.0.1, 7.0.0, 6.4.7, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.11, 6.0.10, 6.0.1, 6.0.0, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.11, 5.6.10, 5.6.1, 5.6.0 FortiAnalyzer, FortiManager - bypass of client-side password change policy enforcement Summary An improper handling of insufficient permissions or privileges vulnerability [CWE-280] in FortiAnalyzer and FortiManager may allow an authenticated attacker to bypass the device policy and force the password-change action for its user. Affected Products FortiManager version 5.6.0 through 5.6.11 FortiManager version 6.0.0 through 6.0.11 FortiManager version 6.2.0 through 6.2.9 FortiManager version 6.4.0 through 6.4.7 FortiManager version 7.0.0 through 7.0.2 FortiAnalyzer version 5.6.0 through 5.6.11 FortiAnalyzer version 6.0.0 through 6.0.11 FortiAnalyzer version 6.2.0 through 6.2.9 FortiAnalyzer version 6.4.0 through 6.4.7 FortiAnalyzer version 7.0.0 through 7.0.2 Solutions Upgrade to FortiAnalyzer version 7.0.3 or above Upgrade to FortiManager version 7.0.3 or above Acknowledgement Fortinet is pleased to thank Alaa A. Bukhari for reporting this vulnerability under responsible disclosure ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================