CVE-2022-22305
CVSS V2 None
CVSS V3 None
Description
An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, 6.4.7 and below; FortiOS 6.2.x and 6.0.x; FortiSandbox 4.0.x, 3.2.x and 3.1.x may allow a network adjacent and unauthenticated attacker to man-in-the-middle the communication between the listed products and some external peers.
Overview
- CVE ID
- CVE-2022-22305
- Assigner
- fortinet
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-09-01T11:43:03.878Z
- Last Modified Date
- 2023-09-01T11:43:03.878Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://fortiguard.com/psirt/FG-IR-18-292 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-22305 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22305 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-24 18:06:33 | Added to TrackCVE |