CVE-2022-35846

An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiTester Telnet port 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an unauthenticated attacker to guess the credentials of an admin user via a brute force attack.
References
Link Resource
https://fortiguard.com/psirt/FG-IR-22-244 Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:fortinet:fortitester:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortitester:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortitester:*:*:*:*:*:*:*:*

Information

Published : 2022-10-18 02:15

Updated : 2022-10-20 07:03


NVD link : CVE-2022-35846

Mitre link : CVE-2022-35846

Products Affected
No products.
CWE
CWE-307

Improper Restriction of Excessive Authentication Attempts