Key Management Error in FortiOS by Fortinet
CVE-2022-30307

3.9LOW

Key Information:

Vendor: Fortinet
Status: Fortinet FortiOS
Vendor: CVE Published:; 2 November 2022

What is CVE-2022-30307?

FortiOS, the operating system for Fortinet's security appliances, is susceptible to a key management error that impacts the RSA SSH host key. This vulnerability may enable unauthenticated attackers to execute man-in-the-middle attacks, compromising secure communications. Users are advised to update to the latest versions to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Fortinet FortiOS FortiOS 7.2.0 and below, 7.0.6 and below, 6.4.9 and below

References

https://fortiguard.com/psirt/FG-IR-22-228

CVSS V3.1

Score:

3.9

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 2, 2022
Vulnerability Reserved
May 6, 2022

JSON

Fortinet