A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x may allow an attacker in possession of the encrypted key to decipher it.
References
History

Tue, 22 Oct 2024 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-02-16T18:07:34.488Z

Updated: 2024-10-22T20:49:05.910Z

Reserved: 2022-04-11T13:56:39.869Z

Link: CVE-2022-29054

cve-icon Vulnrichment

Updated: 2024-08-03T06:10:58.670Z

cve-icon NVD

Status : Modified

Published: 2023-02-16T19:15:12.263

Modified: 2024-11-21T06:58:25.020

Link: CVE-2022-29054

cve-icon Redhat

No data.