2 matches found
Fortinet Fortigate Flaws over DHCP and DNS keys encryption scheme (FG-IR-22-080)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-080 advisory. - A missing cryptographic steps vulnerability CWE-325 in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS...
CVE-2022-29054
CVE-2022-29054 describes a missing cryptographic steps vulnerability (CWE-325) in Fortinet FortiOS and FortiProxy where the functions that encrypt DHCP and DNS keys (e.g., ddns-key, n-mhae-key) may allow an attacker who possesses the encrypted key to decipher it. Affected FortiOS/FortiProxy versi...