CVE-2022-29060

A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API 5.5.0 through 5.5.1, 5.4.0 through 5.4.2, 5.3.0 through 5.3.1, 5.2.0, 5.1.0 may allow an attacker who managed to retrieve the key from one device to sign JWT tokens for any device.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://fortiguard.com/psirt/FG-IR-22-071	Patch Vendor Advisory
https://fortiguard.com/psirt/FG-IR-22-071	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:fortinet:fortiddos:5.1.0:::::::*
	cpe:2.3:a:fortinet:fortiddos:5.2.0:::::::*
	cpe:2.3:a:fortinet:fortiddos:5.3.0:::::::*
	cpe:2.3:a:fortinet:fortiddos:5.3.1:::::::*
	cpe:2.3:a:fortinet:fortiddos:5.4.0:::::::*
	cpe:2.3:a:fortinet:fortiddos:5.4.1:::::::*
	cpe:2.3:a:fortinet:fortiddos:5.4.2:::::::*
	cpe:2.3:a:fortinet:fortiddos:5.5.0:::::::*
	cpe:2.3:a:fortinet:fortiddos:5.5.1:::::::*

History

No history.

Information

Published : 2022-07-19 14:15

Updated : 2024-11-21 06:58

NVD link : CVE-2022-29060

Mitre link : CVE-2022-29060

CVE.ORG link : CVE-2022-29060

JSON object : View

Products Affected

fortinet

fortiddos

CWE

CWE-798

Use of Hard-coded Credentials

{"id": "CVE-2022-29060", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@fortinet.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2022-07-19T14:15:08.603", "references": [{"url": "https://fortiguard.com/psirt/FG-IR-22-071", "tags": ["Patch", "Vendor Advisory"], "source": "psirt@fortinet.com"}, {"url": "https://fortiguard.com/psirt/FG-IR-22-071", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API 5.5.0 through 5.5.1, 5.4.0 through 5.4.2, 5.3.0 through 5.3.1, 5.2.0, 5.1.0 may allow an attacker who managed to retrieve the key from one device to sign JWT tokens for any device."}, {"lang": "es", "value": "Una vulnerabilidad en el uso de claves criptogr\u00e1ficas embebidas [CWE-321] en la API de FortiDDoS versiones 5.5.0 hasta 5.5.1, 5.4.0 hasta 5.4.2, 5.3.0 hasta 5.3.1, 5.2.0, 5.1.0, puede permitir a un atacante que consiga recuperar la clave de un dispositivo firmar tokens JWT para cualquier dispositivo.\n"}], "lastModified": "2024-11-21T06:58:25.680", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiddos:5.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D099B4B-CAB5-4491-993A-38C2D3A4856F"}, {"criteria": "cpe:2.3:a:fortinet:fortiddos:5.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "499D9AC5-1FB2-4891-8C43-BDAD01DD42D3"}, {"criteria": "cpe:2.3:a:fortinet:fortiddos:5.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73D6C167-6EB8-43FE-8DE1-05C17FCDAE5A"}, {"criteria": "cpe:2.3:a:fortinet:fortiddos:5.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B35C9E7A-12CD-4191-95B1-DD057C5FA330"}, {"criteria": "cpe:2.3:a:fortinet:fortiddos:5.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8AC7AEA-8028-40A7-B7AE-1CB8556C902A"}, {"criteria": "cpe:2.3:a:fortinet:fortiddos:5.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DE896C0-D7D5-4A2D-BF98-09A42EABBE9E"}, {"criteria": "cpe:2.3:a:fortinet:fortiddos:5.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "363742A6-DB82-472A-9C43-4D17C532110B"}, {"criteria": "cpe:2.3:a:fortinet:fortiddos:5.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA704D20-CE0E-4412-A8DC-45F0F2299F74"}, {"criteria": "cpe:2.3:a:fortinet:fortiddos:5.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03FC9BA3-0E36-422A-ADED-B9D91C833506"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@fortinet.com"}