Vulnerability Details CVE-2022-30302
Multiple relative path traversal vulnerabilities [CWE-23] in FortiDeceptor management interface 1.0.0 through 3.2.x, 3.3.0 through 3.3.2, 4.0.0 through 4.0.1 may allow a remote and authenticated attacker to retrieve and delete arbitrary files from the underlying filesystem via specially crafted web requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.4%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2022-30302
-
cpe:2.3:a:fortinet:fortideceptor:1.0.0
-
cpe:2.3:a:fortinet:fortideceptor:1.0.1
-
cpe:2.3:a:fortinet:fortideceptor:1.1
-
cpe:2.3:a:fortinet:fortideceptor:1.1.0
-
cpe:2.3:a:fortinet:fortideceptor:1.4.3
-
cpe:2.3:a:fortinet:fortideceptor:2.0
-
cpe:2.3:a:fortinet:fortideceptor:2.0.0
-
cpe:2.3:a:fortinet:fortideceptor:2.1
-
cpe:2.3:a:fortinet:fortideceptor:2.1.0
-
cpe:2.3:a:fortinet:fortideceptor:3.0.0
-
cpe:2.3:a:fortinet:fortideceptor:3.0.1
-
cpe:2.3:a:fortinet:fortideceptor:3.0.2
-
cpe:2.3:a:fortinet:fortideceptor:3.1
-
cpe:2.3:a:fortinet:fortideceptor:3.1.0
-
cpe:2.3:a:fortinet:fortideceptor:3.1.1
-
cpe:2.3:a:fortinet:fortideceptor:3.2.0
-
cpe:2.3:a:fortinet:fortideceptor:3.2.1
-
cpe:2.3:a:fortinet:fortideceptor:3.2.2
-
cpe:2.3:a:fortinet:fortideceptor:3.3.0
-
cpe:2.3:a:fortinet:fortideceptor:3.3.1
-
cpe:2.3:a:fortinet:fortideceptor:3.3.2
-
cpe:2.3:a:fortinet:fortideceptor:4.0.0
-
cpe:2.3:a:fortinet:fortideceptor:4.0.1