CVE-2022-40675

CWE-310CWE-327Broken Cryptographic Algorithm4 documents4 sources
Severity
7.4HIGH
EPSS
0.3%
top 46.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Fortinet FortinacFortinet Fortinac-f
Timeline
PublishedFeb 16

Description

Some cryptographic issues in Fortinet FortiNAC versions 9.4.0 through 9.4.1, 9.2.0 through 9.2.7, 9.1.0 through 9.1.8, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an attacker to decrypt and forge protocol communication messages.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 3.9 | Impact: 2.5

Affected Packages3 packages

NVDfortinet/fortinac9.4.09.4.2+1
NVDfortinet/fortinac-f< 7.2.0
CVEListV5fortinet/fortinac9.4.09.4.1+7

🔴Vulnerability Details

2
GHSA
GHSA-66q7-rr79-fw65: Some cryptographic issues in Fortinet FortiNAC versions 92023-02-16
CVEList
CVE-2022-40675: Some cryptographic issues in Fortinet FortiNAC versions 92023-02-16

📋Vendor Advisories

1
Fortinet
Some cryptographic issues in Fortinet FortiNAC versions 9.4.0 through 9.4.1, 9.2.0 through 9.2.7, 9.1.0 through 9.1.8, 8...2023-02-16
CVE-2022-40675 (HIGH CVSS 7.4) | Some cryptographic issues in Fortin | cvebase.io