CVE-2022-30305

An insufficient logging [CWE-778] vulnerability in FortiSandbox versions 4.0.0 to 4.0.2, 3.2.0 to 3.2.3 and 3.1.0 to 3.1.5 and FortiDeceptor versions 4.2.0, 4.1.0 through 4.1.1, 4.0.0 through 4.0.2, 3.3.0 through 3.3.3, 3.2.0 through 3.2.2,3.1.0 through 3.1.1 and 3.0.0 through 3.0.2 may allow a remote attacker to repeatedly enter incorrect credentials without causing a log entry, and with no limit on the number of failed authentication attempts.
References
Link Resource
https://fortiguard.com/psirt/FG-IR-21-170 Patch Vendor Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:fortinet:fortideceptor:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortisandbox:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortisandbox:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortisandbox:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortideceptor:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortideceptor:4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortideceptor:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortideceptor:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortideceptor:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortideceptor:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortideceptor:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortideceptor:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortisandbox:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*

Information

Published : 2022-12-06 09:15

Updated : 2022-12-08 08:24


NVD link : CVE-2022-30305

Mitre link : CVE-2022-30305


JSON object : View

Advertisement

dedicated server usa

Products Affected

fortinet

  • fortideceptor
  • fortisandbox