FortiNAC : Wrong use of cryptographic primitives
Fortinet PSIRT Advisories
Fortinet PSIRT Contact:
Website: https://fortiguard.fortinet.com/faq/psirt-contact
FG-IR-22-312
Final
1
1
2023-02-16T00:00:00
Current version
2023-02-16T00:00:00
2023-02-16T00:00:00
A wrong use of cryptographic primitives vulnerability (CWE-310) may allow an attacker to compromise FortiNAC's confidentiality and integrity via deciphering some traffic and/or forging specific packets.
None
Information disclosure
FortiNAC version 9.4.0 through 9.4.1FortiNAC 9.2 all versionsFortiNAC 9.1 all versionsFortiNAC 8.8 all versionsFortiNAC 8.7 all versionsFortiNAC 8.6 all versionsFortiNAC 8.5 all versionsFortiNAC 8.3 all versions
Please upgrade to FortiNAC version 9.4.2 or above Please upgrade to FortiNAC version 7.2.0 or above
Internally discovered and reported by Gwendal Guégniaud of Fortinet Product Security team.
FortiNAC 9.4.1
FortiNAC 9.4.0
FortiNAC 9.2.8
FortiNAC 9.2.7
FortiNAC 9.2.6
FortiNAC 9.2.5
FortiNAC 9.2.4
FortiNAC 9.2.3
FortiNAC 9.2.2
FortiNAC 9.2.1
FortiNAC 9.2.0
FortiNAC 9.1.10
FortiNAC 9.1.9
FortiNAC 9.1.8
FortiNAC 9.1.7
FortiNAC 9.1.6
FortiNAC 9.1.5
FortiNAC 9.1.4
FortiNAC 9.1.3
FortiNAC 9.1.2
FortiNAC 9.1.1
FortiNAC 9.1.0
FortiNAC 8.8.11
FortiNAC 8.8.10
FortiNAC 8.8.9
FortiNAC 8.8.8
FortiNAC 8.8.7
FortiNAC 8.8.6
FortiNAC 8.8.5
FortiNAC 8.8.4
FortiNAC 8.8.3
FortiNAC 8.8.2
FortiNAC 8.8.1
FortiNAC 8.8.0
FortiNAC 8.7.6
FortiNAC 8.7.5
FortiNAC 8.7.4
FortiNAC 8.7.3
FortiNAC 8.7.2
FortiNAC 8.7.1
FortiNAC 8.7.0
FortiNAC 8.6.5
FortiNAC 8.6.4
FortiNAC 8.6.3
FortiNAC 8.6.2
FortiNAC 8.6.1
FortiNAC 8.6.0
FortiNAC 8.5.4
FortiNAC 8.5.3
FortiNAC 8.5.2
FortiNAC 8.5.1
FortiNAC 8.5.0
FortiNAC 8.3.7
FortiNAC : Wrong use of cryptographic primitives
CVE-2022-40675
FortiNAC-9.4.1
FortiNAC-9.4.0
FortiNAC-9.2.8
FortiNAC-9.2.7
FortiNAC-9.2.6
FortiNAC-9.2.5
FortiNAC-9.2.4
FortiNAC-9.2.3
FortiNAC-9.2.2
FortiNAC-9.2.1
FortiNAC-9.2.0
FortiNAC-9.1.10
FortiNAC-9.1.9
FortiNAC-9.1.8
FortiNAC-9.1.7
FortiNAC-9.1.6
FortiNAC-9.1.5
FortiNAC-9.1.4
FortiNAC-9.1.3
FortiNAC-9.1.2
FortiNAC-9.1.1
FortiNAC-9.1.0
FortiNAC-8.8.11
FortiNAC-8.8.10
FortiNAC-8.8.9
FortiNAC-8.8.8
FortiNAC-8.8.7
FortiNAC-8.8.6
FortiNAC-8.8.5
FortiNAC-8.8.4
FortiNAC-8.8.3
FortiNAC-8.8.2
FortiNAC-8.8.1
FortiNAC-8.8.0
FortiNAC-8.7.6
FortiNAC-8.7.5
FortiNAC-8.7.4
FortiNAC-8.7.3
FortiNAC-8.7.2
FortiNAC-8.7.1
FortiNAC-8.7.0
FortiNAC-8.6.5
FortiNAC-8.6.4
FortiNAC-8.6.3
FortiNAC-8.6.2
FortiNAC-8.6.1
FortiNAC-8.6.0
FortiNAC-8.5.4
FortiNAC-8.5.3
FortiNAC-8.5.2
FortiNAC-8.5.1
FortiNAC-8.5.0
FortiNAC-8.3.7
6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:U/RC:C
https://fortiguard.fortinet.com/psirt/FG-IR-22-312
FortiNAC : Wrong use of cryptographic primitives
Reference>