CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-29060

A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API 5.5.0 through 5.5.1, 5.4.0 through 5.4.2, 5.3.0 through 5.3.1, 5.2.0, 5.1.0 may allow an attacker who managed to retrieve the key from one device to sign JWT tokens for any device.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.2%

CVSS Severity

CVSS v3 Score 8.1

References

Products affected by CVE-2022-29060

Fortinet » Fortiddos » Version: 5.1.0

cpe:2.3:a:fortinet:fortiddos:5.1.0
Fortinet » Fortiddos » Version: 5.2.0

cpe:2.3:a:fortinet:fortiddos:5.2.0
Fortinet » Fortiddos » Version: 5.3.0

cpe:2.3:a:fortinet:fortiddos:5.3.0
Fortinet » Fortiddos » Version: 5.3.1

cpe:2.3:a:fortinet:fortiddos:5.3.1
Fortinet » Fortiddos » Version: 5.4.0

cpe:2.3:a:fortinet:fortiddos:5.4.0
Fortinet » Fortiddos » Version: 5.4.1

cpe:2.3:a:fortinet:fortiddos:5.4.1
Fortinet » Fortiddos » Version: 5.4.2

cpe:2.3:a:fortinet:fortiddos:5.4.2
Fortinet » Fortiddos » Version: 5.5.0

cpe:2.3:a:fortinet:fortiddos:5.5.0
Fortinet » Fortiddos » Version: 5.5.1

cpe:2.3:a:fortinet:fortiddos:5.5.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-29060

Products

Pricing

Contact Us