CVE-2022-45860

N/A

A weak authentication vulnerability [CWE-1390] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.2 and below, 9.2 all versions, 9.1 all versions, 8.8 all versions, 8.7 all versions in device registration page may allow an unauthenticated attacker to perform password spraying attacks with an increased chance of success.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-1390

Fortinet FortiNAC 授权问题漏洞

Fortinet FortiNAC是美国飞塔（Fortinet）公司的一套网络访问控制解决方案。该产品主要用于网络访问控制和物联网安全防护。 Fortinet FortiNAC 存在安全漏洞，该漏洞源于设备注册页面中存在弱身份验证漏洞。

N/A

N/A