{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T13:15:14.309","vulnerabilities":[{"cve":{"id":"CVE-2026-22572","sourceIdentifier":"psirt@fortinet.com","published":"2026-03-10T18:18:12.250","lastModified":"2026-03-16T14:18:11.980","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An authentication bypass using an alternate path or channel vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.2 through 7.2.11, FortiManager 7.6.0 through 7.6.3, FortiManager 7.4.0 through 7.4.7, FortiManager 7.2.2 through 7.2.11 may allow  an attacker with knowledge of the admins password to bypass multifactor authentication checks via submitting multiple crafted requests."},{"lang":"es","value":"Una omisión de autenticación utilizando una vulnerabilidad de ruta o canal alternativo en Fortinet FortiAnalyzer 7.6.0 hasta 7.6.3, FortiAnalyzer 7.4.0 hasta 7.4.7, FortiAnalyzer 7.2.2 hasta 7.2.11, FortiAnalyzer Cloud 7.6.0 hasta 7.6.3, FortiAnalyzer Cloud 7.4.0 hasta 7.4.7, FortiAnalyzer Cloud 7.2.2 hasta 7.2.10, FortiManager 7.6.0 hasta 7.6.3, FortiManager 7.4.0 hasta 7.4.7, FortiManager 7.2.2 hasta 7.2.11, FortiManager Cloud 7.6.0 hasta 7.6.3, FortiManager Cloud 7.4.0 hasta 7.4.7, FortiManager Cloud 7.2.2 hasta 7.2.10 puede permitir a un atacante con conocimiento de la contraseña del administrador omitir las comprobaciones de autenticación multifactor mediante el envío de múltiples solicitudes manipuladas."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-288"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.2","versionEndExcluding":"7.4.8","matchCriteriaId":"0105EF79-42B6-4891-993F-CA28F95D1764"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*","versionStartIncluding":"7.6.0","versionEndExcluding":"7.6.4","matchCriteriaId":"7E7EC074-7835-438D-8501-D7FA6A84F280"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.2","versionEndExcluding":"7.4.8","matchCriteriaId":"F4211463-C85D-4D66-92A8-AFE961FEECAD"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.6.0","versionEndExcluding":"7.6.4","matchCriteriaId":"0EC7E465-5168-4BB8-89D3-244E6DBF70A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.2","versionEndExcluding":"7.4.8","matchCriteriaId":"B6B453F7-5AD8-4C18-9218-E8880D8D6D25"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"7.6.0","versionEndExcluding":"7.6.4","matchCriteriaId":"9AD9F018-F775-4676-AA63-454BE5996A5C"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-26-090","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}}]}