Design/Logic Flaw

2023-05-0322:15:00

PRIOn knowledge base

www.prio-n.com

weak cryptographic algorithm

fortinac 9.4.1

man-in-the-middle attacks

sensitive information

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.2%

JSON

A use of a weak cryptographic algorithm vulnerability [CWE-327] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.0 all versions, 8.8.0 all versions, 8.7.0 all versions may increase the chances of an attacker to have access to sensitive information or to perform man-in-the-middle attacks.

CPENameOperatorVersion
fortinacge9.4.0
fortinaclt9.4.2
fortinacge9.2.0
fortinaclt9.2.6
fortinacge8.7.0
fortinaclt9.1.0

Name	Operator	Version
fortinac	ge	9.4.0
fortinac	lt	9.4.2
fortinac	ge	9.2.0
fortinac	lt	9.2.6
fortinac	ge	8.7.0
fortinac	lt	9.1.0

References

fortiguard.com/psirt/FG-IR-22-452