CVE-2022-43949 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.2 MEDIUM	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
fortinet	CNA	5.9 MEDIUM	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 29%

Vendor	Product	Version
fortinet	fortisiem	5.3.0 ≤ 𝑥 ≤ 5.3.3
fortinet	fortisiem	6.3.0 ≤ 𝑥 ≤ 6.3.3
fortinet	fortisiem	6.6.0 ≤ 𝑥 ≤ 6.6.3
fortinet	fortisiem	5.4.0
fortinet	fortisiem	6.1.0
fortinet	fortisiem	6.1.1
fortinet	fortisiem	6.1.2
fortinet	fortisiem	6.2.0
fortinet	fortisiem	6.2.1
fortinet	fortisiem	6.4.0
fortinet	fortisiem	6.4.1
fortinet	fortisiem	6.4.2
fortinet	fortisiem	6.5.0
fortinet	fortisiem	6.5.1
fortinet	fortisiem	6.7.0
fortinet	fortisiem	6.7.1

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.

References

https://fortiguard.com/psirt/FG-IR-22-259

https://fortiguard.com/psirt/FG-IR-22-259