Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2022-45859, CVE-2022-45858 |
CWE-ID | CWE-522, CWE-327 |
Exploitation vector | Local network |
Public exploit | N/A |
Vulnerable software | FortiNAC (Server applications / IDS/IPS systems, Firewalls and proxy servers); FortiNAC-F (Server applications / IDS/IPS systems, Firewalls and proxy servers) |
Vendor | Fortinet, Inc |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU75739
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-45859
CWE-ID:
CWE-522 - Insufficiently Protected Credentials
Exploit availability: No
Description
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to the use of a weak hashing method in /etc/shadow. A local user can read and recover passwords that belong to other users on the system.
Install updates from vendor's website.
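A defensive check for the weakness described above, as an added example that is not from the advisory or from Fortinet: it classifies each /etc/shadow password field by its crypt(3) scheme prefix and lists the accounts stored with a weak scheme. The advisory does not name the hashing method, so the weak/acceptable policy, the function names and the sample lines are assumptions of this example.

```python
# Audit shadow-format lines for weak crypt(3) hash schemes (added example).
# Assumption: the weak/acceptable split below is this example's policy.
SCHEMES = {  # crypt(3) id -> (name, weak?)
    "1": ("md5crypt", True), "3": ("nthash", True), "sha1": ("sha1crypt", True),
    "2a": ("bcrypt", False), "2b": ("bcrypt", False), "2y": ("bcrypt", False),
    "5": ("sha256crypt", False), "6": ("sha512crypt", False),
    "7": ("scrypt", False), "y": ("yescrypt", False),
}
MIN_SHA_ROUNDS = 5000  # sha256crypt/sha512crypt default when rounds= is absent

def classify(field):
    """Return (scheme, weak) for a shadow password field, or None if no hash is set."""
    field = field.lstrip("!")  # '!' marks a locked account; a hash may still follow
    if field == "" or field.startswith("*"):
        return None
    if field.startswith("_"):
        return ("bsdi-des", True)
    if not field.startswith("$"):
        # Traditional DES crypt is exactly 13 characters; anything else needs review.
        return ("des", True) if len(field) == 13 else ("unknown", True)
    parts = field.split("$")  # ['', id, optional 'rounds=N', salt, hash]
    name, weak = SCHEMES.get(parts[1], ("unknown", True))  # unknown ids flagged for review
    if parts[1] in ("5", "6") and len(parts) > 2 and parts[2].startswith("rounds="):
        rounds = parts[2][len("rounds="):]
        weak = not rounds.isdigit() or int(rounds) < MIN_SHA_ROUNDS
    return (name, weak)

def audit(shadow_text):
    """Return [(user, scheme)] for each account whose stored hash is weak."""
    findings = []
    for line in shadow_text.splitlines():
        cols = line.split(":")
        if line.startswith("#") or len(cols) < 2:
            continue
        result = classify(cols[1])
        if result and result[1]:
            findings.append((cols[0], result[0]))
    return findings

# Constructed sample: salts and hashes are placeholders, not real credentials.
SAMPLE = """\
root:$6$examplesalt$PLACEHOLDERHASH:19000:0:99999:7:::
admin:$1$examplesalt$PLACEHOLDERHASH:19000:0:99999:7:::
legacy:abCONSTRUCTED:19000:0:99999:7:::
svc:!$6$rounds=1000$examplesalt$PLACEHOLDERHASH:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
nobody:!!:19000:0:99999:7:::
"""
```

To check a live system, pass the contents of /etc/shadow (readable only by root) to `audit()`; locked accounts that still carry a weak hash are reported as well.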
Vulnerable software versions
FortiNAC: 8.7.0 - 9.4.1
FortiNAC-F: 7.2.0
https://fortiguard.fortinet.com/psirt/FG-IR-22-456
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to log in to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75738
Risk: Medium
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-45858
CWE-ID:
CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a MitM attack.
The vulnerability exists due to the use of a weak cryptographic algorithm. A remote attacker with the ability to intercept communication can perform a MitM attack.
Install updates from vendor's website.
Vulnerable software versions
FortiNAC: 8.7.0 - 9.4.1
FortiNAC-F: 7.2.0
https://fortiguard.fortinet.com/psirt/FG-IR-22-452
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.