๐Ÿ” CVE Alert

CVE-2022-30307

LOW 3.9
CVSS Score
3.9
EPSS Score
0.0%
EPSS Percentile
0th

A key management error vulnerability [CWE-320] affecting the RSA SSH host key in FortiOS 7.2.0 and below, 7.0.6 and below, 6.4.9 and below may allow an unauthenticated attacker to perform a man in the middle attack.

Vendor fortinet
Product fortinet fortios
Ecosystems
Industries
NetworkingSecurity
Published Nov 2, 2022
Last Updated Oct 22, 2024
Stay Ahead of the Next One

Get instant alerts for fortinet fortinet fortios

Be the first to know when new low vulnerabilities affecting fortinet fortinet fortios are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L/E:X/RL:U/RC:R
Attack Vector
Network
Attack Complexity
High
Privileges Required
High
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

Affected Versions

Fortinet / Fortinet FortiOS
FortiOS 7.2.0 and below, 7.0.6 and below, 6.4.9 and below

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
fortiguard.com: https://fortiguard.com/psirt/FG-IR-22-228