CVE-2022-29060

A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API 5.5.0 through 5.5.1, 5.4.0 through 5.4.2, 5.3.0 through 5.3.1, 5.2.0, 5.1.0 may allow an attacker who managed to retrieve the key from one device to sign JWT tokens for any device.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://fortiguard.com/psirt/FG-IR-22-071	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:fortinet:fortiddos:5.1.0:::::::*
	cpe:2.3:a:fortinet:fortiddos:5.2.0:::::::*
	cpe:2.3:a:fortinet:fortiddos:5.3.0:::::::*
	cpe:2.3:a:fortinet:fortiddos:5.3.1:::::::*
	cpe:2.3:a:fortinet:fortiddos:5.4.0:::::::*
	cpe:2.3:a:fortinet:fortiddos:5.4.1:::::::*
	cpe:2.3:a:fortinet:fortiddos:5.4.2:::::::*
	cpe:2.3:a:fortinet:fortiddos:5.5.0:::::::*
	cpe:2.3:a:fortinet:fortiddos:5.5.1:::::::*

History

27 Jul 2022, 12:50

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.1
References	~~(CONFIRM) https://fortiguard.com/psirt/FG-IR-22-071 -~~	(CONFIRM) https://fortiguard.com/psirt/FG-IR-22-071 - Patch, Vendor Advisory
CWE		CWE-798
CPE		cpe:2.3:a:fortinet:fortiddos:5.4.0:::::::* cpe:2.3:a:fortinet:fortiddos:5.4.1:::::::* cpe:2.3:a:fortinet:fortiddos:5.3.0:::::::* cpe:2.3:a:fortinet:fortiddos:5.5.0:::::::* cpe:2.3:a:fortinet:fortiddos:5.2.0:::::::* cpe:2.3:a:fortinet:fortiddos:5.3.1:::::::* cpe:2.3:a:fortinet:fortiddos:5.1.0:::::::* cpe:2.3:a:fortinet:fortiddos:5.5.1:::::::* cpe:2.3:a:fortinet:fortiddos:5.4.2:::::::*

19 Jul 2022, 15:11

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-07-19 14:15

Updated : 2024-02-04 22:51

NVD link : CVE-2022-29060

Mitre link : CVE-2022-29060

CVE.ORG link : CVE-2022-29060

JSON object : View

Products Affected

fortinet

fortiddos

CWE

CWE-798

Use of Hard-coded Credentials

{"id": "CVE-2022-29060", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}, {"type": "Secondary", "source": "psirt@fortinet.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2022-07-19T14:15:08.603", "references": [{"url": "https://fortiguard.com/psirt/FG-IR-22-071", "tags": ["Patch", "Vendor Advisory"], "source": "psirt@fortinet.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API 5.5.0 through 5.5.1, 5.4.0 through 5.4.2, 5.3.0 through 5.3.1, 5.2.0, 5.1.0 may allow an attacker who managed to retrieve the key from one device to sign JWT tokens for any device."}, {"lang": "es", "value": "Una vulnerabilidad en el uso de claves criptogr\u00e1ficas embebidas [CWE-321] en la API de FortiDDoS versiones 5.5.0 hasta 5.5.1, 5.4.0 hasta 5.4.2, 5.3.0 hasta 5.3.1, 5.2.0, 5.1.0, puede permitir a un atacante que consiga recuperar la clave de un dispositivo firmar tokens JWT para cualquier dispositivo.\n"}], "lastModified": "2022-07-27T12:50:13.893", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortiddos:5.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D099B4B-CAB5-4491-993A-38C2D3A4856F"}, {"criteria": "cpe:2.3:a:fortinet:fortiddos:5.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "499D9AC5-1FB2-4891-8C43-BDAD01DD42D3"}, {"criteria": "cpe:2.3:a:fortinet:fortiddos:5.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73D6C167-6EB8-43FE-8DE1-05C17FCDAE5A"}, {"criteria": "cpe:2.3:a:fortinet:fortiddos:5.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B35C9E7A-12CD-4191-95B1-DD057C5FA330"}, {"criteria": "cpe:2.3:a:fortinet:fortiddos:5.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8AC7AEA-8028-40A7-B7AE-1CB8556C902A"}, {"criteria": "cpe:2.3:a:fortinet:fortiddos:5.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DE896C0-D7D5-4A2D-BF98-09A42EABBE9E"}, {"criteria": "cpe:2.3:a:fortinet:fortiddos:5.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "363742A6-DB82-472A-9C43-4D17C532110B"}, {"criteria": "cpe:2.3:a:fortinet:fortiddos:5.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA704D20-CE0E-4412-A8DC-45F0F2299F74"}, {"criteria": "cpe:2.3:a:fortinet:fortiddos:5.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03FC9BA3-0E36-422A-ADED-B9D91C833506"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@fortinet.com"}