CVE-2022-40678 - OpenCVE

An insufficiently protected credentials in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow a local attacker with database access to recover user passwords.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Fortinet	Fortinac

Configuration 1 [-]

OR	cpe:2.3:a:fortinet:fortinac::::::::
	cpe:2.3:a:fortinet:fortinac::::::::
	cpe:2.3:a:fortinet:fortinac::::::::
	cpe:2.3:a:fortinet:fortinac::::::::
	cpe:2.3:a:fortinet:fortinac::::::::
	cpe:2.3:a:fortinet:fortinac::::::::
	cpe:2.3:a:fortinet:fortinac:8.3.7:::::::*
	cpe:2.3:a:fortinet:fortinac:9.4.0:::::::*

References

Link	Resource
https://fortiguard.com/psirt/FG-IR-22-265	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: fortinet

Published: 2023-02-16T18:06:47.487Z

Updated: 2023-02-16T18:06:47.487Z

Reserved: 2022-09-14T13:17:43.617Z

Link: CVE-2022-40678

JSON object: View

NVD Information

Status : Modified

Published: 2023-02-16T19:15:13.313

Modified: 2023-11-07T03:52:34.990

Link: CVE-2022-40678

JSON object: View

Redhat Information

No data.

CWE

CWE-522

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2022-40678", "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "state": "PUBLISHED", "assignerShortName": "fortinet", "dateReserved": "2022-09-14T13:17:43.617Z", "datePublished": "2023-02-16T18:06:47.487Z", "dateUpdated": "2023-02-16T18:06:47.487Z"}, "containers": {"cna": {"affected": [{"vendor": "Fortinet", "product": "FortiNAC", "defaultStatus": "unaffected", "versions": [{"version": "9.4.0", "status": "affected"}, {"versionType": "semver", "version": "9.2.0", "lessThanOrEqual": "9.2.5", "status": "affected"}, {"versionType": "semver", "version": "9.1.0", "lessThanOrEqual": "9.1.7", "status": "affected"}, {"versionType": "semver", "version": "8.8.0", "lessThanOrEqual": "8.8.11", "status": "affected"}, {"versionType": "semver", "version": "8.7.0", "lessThanOrEqual": "8.7.6", "status": "affected"}, {"versionType": "semver", "version": "8.6.0", "lessThanOrEqual": "8.6.5", "status": "affected"}, {"versionType": "semver", "version": "8.5.0", "lessThanOrEqual": "8.5.4", "status": "affected"}, {"version": "8.3.7", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "An insufficiently protected credentials in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow a local attacker with database access to recover user passwords."}], "providerMetadata": {"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet", "dateUpdated": "2023-02-16T18:06:47.487Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-522", "description": "Information disclosure", "type": "CWE"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C"}}], "solutions": [{"lang": "en", "value": "Please upgrade to FortiNAC-F version 7.2.0 or above\r\nPlease upgrade to FortiNAC version 9.4.1 or above\r\nPlease upgrade to FortiNAC version 9.2.6 or above\r\nPlease upgrade to FortiNAC version 9.1.8 or above"}], "references": [{"name": "https://fortiguard.com/psirt/FG-IR-22-265", "url": "https://fortiguard.com/psirt/FG-IR-22-265"}]}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*", "matchCriteriaId": "8292B841-851C-42C2-AF13-17AB2FA894CD", "versionEndIncluding": "8.5.4", "versionStartIncluding": "8.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*", "matchCriteriaId": "95E75B88-1750-4FB6-BCE4-74B69D93C918", "versionEndIncluding": "8.6.5", "versionStartIncluding": "8.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BD32B25-76B4-4D6E-BB5C-065070297058", "versionEndIncluding": "8.7.6", "versionStartIncluding": "8.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*", "matchCriteriaId": "46929BE3-0396-4B8A-9889-9F6CA73FAD4E", "versionEndIncluding": "8.8.11", "versionStartIncluding": "8.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*", "matchCriteriaId": "33085C12-F572-4AE1-B286-978A274A8E66", "versionEndIncluding": "9.1.7", "versionStartIncluding": "9.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*", "matchCriteriaId": "561003C4-0B6E-4088-8272-03C6574B83F4", "versionEndIncluding": "9.2.5", "versionStartIncluding": "9.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortinac:8.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "952F266E-0E48-4D69-81E0-9F813B60AC3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortinac:9.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "E12E11B0-E21A-4124-9DF9-FF268BB19813", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An insufficiently protected credentials in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow a local attacker with database access to recover user passwords."}], "id": "CVE-2022-40678", "lastModified": "2023-11-07T03:52:34.990", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 5.9, "source": "psirt@fortinet.com", "type": "Secondary"}]}, "published": "2023-02-16T19:15:13.313", "references": [{"source": "psirt@fortinet.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://fortiguard.com/psirt/FG-IR-22-265"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-522"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-522"}], "source": "psirt@fortinet.com", "type": "Secondary"}]}