WARNING: AUTHENTICATION BYPASS IN FORTIOS & FORTIPROXY SSH LOGIN COMPONENT
CVE: CVE-2022-35843
CVSSv3: 7.7
Sources
https://www.fortiguard.com/psirt/FG-IR-22-255
Risks
By successfully exploiting CVE-2022-35843, a remote, unauthenticated attacker can log in to the device by sending a specially crafted Access-Challenge response from the RADIUS server.
Description
CVE-2022-35843 is an SSH authentication bypass vulnerability affecting multiple versions of FortiOS and FortiProxy. It lies in the SSH login component of both products: when SSH logins are authenticated against a RADIUS server, a specially crafted Access-Challenge response returned by that server is not handled correctly, resulting in improper authentication.
Exploitation requires neither privileges nor user interaction. The vulnerable path is only reachable where SSH logins on the device use RADIUS authentication, and the attacker must be in a position to deliver the crafted Access-Challenge response, for example by controlling, impersonating, or interfering with the traffic of the configured RADIUS server.
Recommended actions
Fortinet recommends upgrading affected software:
Upgrade to FortiOS version 7.2.2 or above
Upgrade to FortiOS version 7.0.8 or above
Upgrade to FortiOS version 6.4.10 or above
Upgrade to FortiProxy version 7.0.7 or above
Upgrade to FortiProxy version 2.0.11 or above
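To apply the fix list above across an inventory of devices, the following script checks each device's reported version against the branch it runs and reports whether it is at or above the fixed release. This is an added example written for this page, not Fortinet code: the "Version:" line format approximates the first line printed by `get system status`, and the host names, model strings and build numbers are constructed for the example. Branches with no fixed release in the list above (such as FortiOS 6.2.x) are flagged for manual review rather than assumed safe, which is this example's assumption, not a statement from the advisory.

```python
"""Check FortiOS / FortiProxy versions against the fix list for CVE-2022-35843.

Added example for the advisory above; not Fortinet code. The status-line format
approximates the first "Version:" line printed by `get system status`; the
host names, model strings and build numbers below are constructed for the example.
"""
import re

# Fixed releases as listed in the advisory: a device on one of these branches
# is patched when its patch level is at or above the listed one.
FIXED_VERSIONS = {
    "FortiOS": ((7, 2, 2), (7, 0, 8), (6, 4, 10)),
    "FortiProxy": ((7, 0, 7), (2, 0, 11)),
}

# Constructed sample inventory (host -> "Version:" line from `get system status`).
SAMPLE_INVENTORY = {
    "fw-edge-01": "Version: FortiGate-100F v7.0.5,build0304,220408 (GA)",
    "fw-edge-02": "Version: FortiGate-60F v7.2.2,build1255,221129 (GA)",
    "proxy-dc-01": "Version: FortiProxy-VM64 v2.0.10,build0239,220823 (GA)",
    "fw-legacy-01": "Version: FortiGate-60E v6.2.12,build1319,220814 (GA)",
}

VERSION_RE = re.compile(r"Version:\s*(Forti\w+?)-\S+\s+v(\d+)\.(\d+)\.(\d+)")


def parse_status_line(line):
    """Return (family, (major, minor, patch)) from a `get system status` Version line.

    FortiGate/FortiWiFi models run FortiOS; a product string starting with
    FortiProxy is mapped to the FortiProxy fix list.
    """
    m = VERSION_RE.search(line)
    if not m:
        raise ValueError(f"unrecognised status line: {line!r}")
    product = m.group(1)
    family = "FortiProxy" if product.startswith("FortiProxy") else "FortiOS"
    return family, tuple(int(x) for x in m.group(2, 3, 4))


def assess(family, version):
    """Classify one device as 'patched', 'vulnerable' or 'review'.

    'review' (an assumption of this example) means the branch (major.minor)
    has no fixed release in the advisory's list, e.g. FortiOS 6.2.x, so the
    device cannot be confirmed patched from the list alone.
    """
    major, minor, patch = version
    for fixed in FIXED_VERSIONS[family]:
        if (major, minor) != fixed[:2]:
            continue  # different branch; keep looking
        target = "%d.%d.%d" % fixed
        if patch >= fixed[2]:
            return "patched", f"{family} {major}.{minor}.{patch} is at or above {target}"
        return "vulnerable", f"upgrade to {family} {target} or above"
    return "review", f"no fixed {family} {major}.{minor}.x release listed; check branch manually"


def assess_inventory(inventory):
    """Map host -> (status, detail) for every Version line in the inventory."""
    return {host: assess(*parse_status_line(line)) for host, line in inventory.items()}


if __name__ == "__main__":
    for host, (status, detail) in assess_inventory(SAMPLE_INVENTORY).items():
        print(f"{host:14} {status:10} {detail}")
```

The comparison is done per branch on purpose: FortiOS 7.0.7 is below the 7.0.8 fix even though it is numerically "newer" than 6.4.10, so a flat version comparison across branches would misclassify devices.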
More information
For more information, see the Fortinet security advisory: https://www.fortiguard.com/psirt/FG-IR-22-255