Security Advisory

CVE-2022-29060

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-07-18 16:35:37

Last updated 2024-10-25 13:31:23

Assigner fortinet

State PUBLISHED

Description

A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API 5.5.0 through 5.5.1, 5.4.0 through 5.4.2, 5.3.0 through 5.3.1, 5.2.0, 5.1.0 may allow an attacker who managed to retrieve the key from one device to sign JWT tokens for any device.

← Browse all CVEs View on cve.org ↗