CVE-2022-45858: Weak Encryption
First published: Wed May 03 2023(Updated: )
A use of a weak cryptographic algorithm vulnerability [CWE-327] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.0 all versions, 8.8.0 all versions, 8.7.0 all versions may increase the chances of an attacker to have access to sensitive information or to perform man-in-the-middle attacks.
Credit: psirt@fortinet.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortinet FortiNAC | >=8.7.0<9.1.0 | |
| Fortinet FortiNAC | >=9.2.0<9.2.6 | |
| Fortinet FortiNAC | >=9.4.0<9.4.2 |
Remedy
Please upgrade to FortiNAC-F version 7.2.1 or above Please upgrade to FortiNAC version 9.4.2 or above Please upgrade to FortiNAC version 9.2.7 or above
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID is CVE-2022-45858.
What is the severity of CVE-2022-45858?
The severity of CVE-2022-45858 is high with a score of 7.4.
What is the CWE ID associated with CVE-2022-45858?
The CWE ID associated with CVE-2022-45858 is CWE-327.
Which versions of FortiNAC are affected by this vulnerability?
FortiNAC versions 9.4.1 and below, 9.2.6 and below, 9.1.0 all versions, 8.8.0 all versions, and 8.7.0 all versions are affected.
How does CVE-2022-45858 impact the software?
CVE-2022-45858 may increase the chances of an attacker having access to sensitive information or performing man-in-the-middle attacks.
- collector/nvd-latest
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/description
- agent/first-publish-date
- agent/tags
- agent/event
- vendor/fortinet
- canonical/fortinet fortinac
- version/fortinet fortinac/8.7.0
- version/fortinet fortinac/9.2.0
- version/fortinet fortinac/9.4.0