CVE-2022-39946 Information

Description

An access control vulnerability [CWE-284] in FortiNAC version 9.4.2 and below version 9.2.7 and below 9.1 all versions 8.8 all versions 8.7 all versions 8.6 all versions 8.5 all versions may allow a remote attacker authenticated on the administrative interface to perform unauthorized jsp calls via crafted HTTP requests.

Reference

https://fortiguard.com/psirt/FG-IR-22-332