What is CVE-2022-43951?

CVE-2022-43951 is a medium-severity vulnerability in Fortinet Fortinac, classified under Information Disclosure. CVSS score: 4.8/10. Published 2023-04-11.

How severe is CVE-2022-43951?

Medium severity. CVSS v3 base score is 4.8 out of 10.

Information disclosure in Fortinet Fortinac

CVE-2022-43951

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and below, 8.7.6 and below may allow an unauthenticated attacker to access sensitiv…

Vulnerability class: Information Disclosure

EPSS: 0.003 (54.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.8 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R.

Affected products

Fortinet Fortinac — versions 9.4.0, 9.2.0, 9.1.0

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

https://fortiguard.com/psirt/FG-IR-22-409

Frequently asked questions

What is CVE-2022-43951?: CVE-2022-43951 is a medium-severity vulnerability in Fortinet Fortinac, classified under Information Disclosure. CVSS score: 4.8/10. Published 2023-04-11.
How severe is CVE-2022-43951?: Medium severity. CVSS v3 base score is 4.8 out of 10.