A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x may allow an attacker in possession of the encrypted key to decipher it.
References
| Link | Resource |
|---|---|
| https://fortiguard.com/psirt/FG-IR-22-080 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 03:45
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x may allow an attacker in possession of the encrypted key to decipher it. |
24 Feb 2023, 23:42
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Fortinet fortios
Fortinet fortiproxy Fortinet |
|
| References | (MISC) https://fortiguard.com/psirt/FG-IR-22-080 - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 3.3 |
| CWE | NVD-CWE-Other | |
| CPE | cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:* |
16 Feb 2023, 19:39
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-02-16 19:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-29054
Mitre link : CVE-2022-29054
CVE.ORG link : CVE-2022-29054
JSON object : View
Products Affected
fortinet
- fortiproxy
- fortios
CWE