CVE-2022-40678 Information

Description

An insufficiently protected credentials in Fortinet FortiNAC versions 9.4.0 9.2.0 through 9.2.5 9.1.0 through 9.1.7 8.8.0 through 8.8.11 8.7.0 through 8.7.6 8.6.0 through 8.6.5 8.5.0 through 8.5.4 8.3.7 may allow a local attacker with database access to recover user passwords.

Reference

https://fortiguard.com/psirt/FG-IR-22-265