FortiOS & FortiProxy - Flaws over keytab encryption scheme
Fortinet PSIRT Advisories
Fortinet PSIRT Contact:
Website: https://fortiguard.fortinet.com/faq/psirt-contact
FG-IR-22-158
Final
1
1
2022-09-06T00:00:00
Current version
2022-09-06T00:00:00
2022-09-06T00:00:00
A missing cryptographic step vulnerability [CWE-325] in the functions that encrypt keytab values in FortiOS & FortiProxy may allow an attacker in possession of the encrypted secret to decipher it.
None
Information disclosure
FortiOS version 7.2.0
FortiOS version 7.0.0 through 7.0.5
FortiOS 6.4 all versions
FortiOS 6.2 all versions
FortiOS 6.0 all versions
FortiProxy version 7.0.0 through 7.0.4
FortiProxy 2.0 all versions
FortiProxy 1.2 all versions
FortiProxy version 1.1.2 and above
Upgrade to FortiOS version 7.2.1 or above.
Upgrade to FortiOS version 7.0.6 or above.
Upgrade to FortiProxy version 7.2.0 or above.
Upgrade to FortiProxy version 7.0.5 or above.
Internally discovered and reported by Théo Leleu of Fortinet Product Security team.
FortiOS 7.2.0
FortiOS 7.0.5
FortiOS 7.0.4
FortiOS 7.0.3
FortiOS 7.0.2
FortiOS 7.0.1
FortiOS 7.0.0
FortiOS 6.4.14
FortiOS 6.4.13
FortiOS 6.4.12
FortiOS 6.4.11
FortiOS 6.4.10
FortiOS 6.4.9
FortiOS 6.4.8
FortiOS 6.4.7
FortiOS 6.4.6
FortiOS 6.4.5
FortiOS 6.4.4
FortiOS 6.4.3
FortiOS 6.4.2
FortiOS 6.4.1
FortiOS 6.4.0
FortiOS 6.2.15
FortiOS 6.2.14
FortiOS 6.2.13
FortiOS 6.2.12
FortiOS 6.2.11
FortiOS 6.2.10
FortiOS 6.2.9
FortiOS 6.2.8
FortiOS 6.2.7
FortiOS 6.2.6
FortiOS 6.2.5
FortiOS 6.2.4
FortiOS 6.2.3
FortiOS 6.2.2
FortiOS 6.2.1
FortiOS 6.2.0
FortiOS 6.0.17
FortiOS 6.0.16
FortiOS 6.0.15
FortiOS 6.0.14
FortiOS 6.0.13
FortiOS 6.0.12
FortiOS 6.0.11
FortiOS 6.0.10
FortiOS 6.0.9
FortiOS 6.0.8
FortiOS 6.0.7
FortiOS 6.0.6
FortiOS 6.0.5
FortiOS 6.0.4
FortiOS 6.0.3
FortiOS 6.0.2
FortiOS 6.0.1
FortiOS 6.0.0
FortiProxy 7.0.4
FortiProxy 7.0.3
FortiProxy 7.0.2
FortiProxy 7.0.1
FortiProxy 7.0.0
FortiProxy 2.0.14
FortiProxy 2.0.13
FortiProxy 2.0.12
FortiProxy 2.0.11
FortiProxy 2.0.10
FortiProxy 2.0.9
FortiProxy 2.0.8
FortiProxy 2.0.7
FortiProxy 2.0.6
FortiProxy 2.0.5
FortiProxy 2.0.4
FortiProxy 2.0.3
FortiProxy 2.0.2
FortiProxy 2.0.1
FortiProxy 2.0.0
FortiProxy 1.2.13
FortiProxy 1.2.12
FortiProxy 1.2.11
FortiProxy 1.2.10
FortiProxy 1.2.9
FortiProxy 1.2.8
FortiProxy 1.2.7
FortiProxy 1.2.6
FortiProxy 1.2.5
FortiProxy 1.2.4
FortiProxy 1.2.3
FortiProxy 1.2.2
FortiProxy 1.2.1
FortiProxy 1.2.0
FortiProxy 1.1.6
FortiProxy 1.1.5
FortiProxy 1.1.4
FortiProxy 1.1.3
FortiProxy 1.1.2
CVE-2022-29053
3.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:X/RC:C
https://fortiguard.fortinet.com/psirt/FG-IR-22-158