CVE-2022-42469: 
FortiOS vulnerability analysis and mitigation

A permissive list of allowed inputs vulnerability [CWE-183] was discovered in FortiGate Policy-based NGFW Mode affecting versions 7.2.3 and below, and version 7.0.9 and below. The vulnerability was disclosed on April 11, 2023, and allows an authenticated SSL-VPN user to bypass the policy via bookmarks in the web portal (Fortinet Advisory).

The vulnerability is classified with a CVSS v3.1 base score of 4.3 (Medium), with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N. This indicates that the vulnerability requires network access and low privileges to exploit, with no user interaction needed. The vulnerability specifically affects the SSL-VPN component in Policy-based NGFW Mode (NVD).

The vulnerability allows authenticated SSL-VPN users to bypass implemented security policies through the web portal's bookmark feature. This could potentially lead to unauthorized access to resources that should be restricted by the policy configuration (Fortinet Advisory).

Fortinet has released patches to address this vulnerability. Organizations are advised to upgrade to FortiOS version 7.2.4 or above for the 7.2.x branch, or to FortiOS version 7.0.11 or above for the 7.0.x branch (Fortinet Advisory).

The vulnerability was responsibly disclosed by Mr. Salim Faid from JVGAS, who reported it to Fortinet. The vendor acknowledged the researcher's contribution in their security advisory (Fortinet Advisory).