CVE-2022-35843: SSH authentication bypass when RADIUS authentication is used
First published: Tue Dec 06 2022(Updated: )
An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server.
Credit: psirt@fortinet.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortinet FortiProxy | >=1.2.0<=1.2.13 | |
| Fortinet FortiProxy | >=2.0.0<=2.0.10 | |
| Fortinet FortiProxy | >=7.0.0<=7.0.6 | |
| Fortinet FortiOS | >=6.0.0<=6.0.15 | |
| Fortinet FortiOS | >=6.2.0<=6.2.12 | |
| Fortinet FortiOS | >=6.4.0<=6.4.9 | |
| Fortinet FortiOS | >=7.0.0<=7.0.7 | |
| Fortinet FortiOS | =7.2.0 | |
| Fortinet FortiOS | =7.2.1 |
Remedy
Please upgrade to FortiOS version 7.2.2 or above Please upgrade to FortiOS version 7.0.8 or above Please upgrade to FortiOS version 6.4.10 or above Please upgrade to FortiProxy version 7.0.7 or above Please upgrade to FortiProxy version 2.0.11 or above
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-35843?
CVE-2022-35843 is an authentication bypass vulnerability in the FortiOS SSH login component and FortiProxy SSH login component.
What is the severity of CVE-2022-35843?
CVE-2022-35843 has a severity level of critical with a CVSS score of 9.8.
Which software versions are affected by CVE-2022-35843?
CVE-2022-35843 affects Fortinet FortiOS versions 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, and Fortinet FortiProxy versions 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, and 1.2.0 all versions.
How does CVE-2022-35843 impact authentication?
CVE-2022-35843 allows for an authentication bypass by assumed-immutable data vulnerability.
Where can I find more information about CVE-2022-35843?
More information about CVE-2022-35843 can be found at https://fortiguard.com/psirt/FG-IR-22-255.
- agent/type
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/author
- agent/remedy
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/fortiguard-psirt-latest
- source/FortiGuard
- alias/CVE-2022-35843
- collector/fortiguard-psirt
- agent/severity
- agent/references
- agent/title
- agent/first-publish-date
- agent/event
- agent/description
- agent/tags
- agent/trending
- vendor/fortinet
- canonical/fortinet fortiproxy
- version/fortinet fortiproxy/1.2.0
- version/fortinet fortiproxy/1.2.13
- version/fortinet fortiproxy/2.0.0
- version/fortinet fortiproxy/2.0.10
- version/fortinet fortiproxy/7.0.0
- version/fortinet fortiproxy/7.0.6
- canonical/fortinet fortios
- version/fortinet fortios/6.0.0
- version/fortinet fortios/6.0.15
- version/fortinet fortios/6.2.0
- version/fortinet fortios/6.2.12
- version/fortinet fortios/6.4.0
- version/fortinet fortios/6.4.9
- version/fortinet fortios/7.0.0
- version/fortinet fortios/7.0.7
- version/fortinet fortios/7.2.0
- version/fortinet fortios/7.2.1