FortiSandbox/FortiDeceptor: Unlogged Auth Attempts (CWE-778) 3.1-3.1.5, 4.0-4.0.2
CVE-2022-30305 Published on December 6, 2022
An insufficient logging [CWE-778] vulnerability in FortiSandbox versions 4.0.0 to 4.0.2, 3.2.0 to 3.2.3 and 3.1.0 to 3.1.5 and FortiDeceptor versions 4.2.0, 4.1.0 through 4.1.1, 4.0.0 through 4.0.2, 3.3.0 through 3.3.3, 3.2.0 through 3.2.2, 3.1.0 through 3.1.1 and 3.0.0 through 3.0.2 may allow a remote attacker to repeatedly enter incorrect credentials without causing a log entry, and with no limit on the number of failed authentication attempts.
Vulnerability Analysis
CVE-2022-30305 can be exploited with network access, and does not require authorization privileges or user interaction. The attack complexity is rated high. A successful exploit is assessed as having no impact on confidentiality, no impact on integrity, and no impact on availability.
Weakness Type
Insufficient Logging
When a security-critical event occurs, the software either does not record the event or omits important details about the event when logging it. When security-critical events are not logged properly, such as a failed login attempt, this can make malicious behavior more difficult to detect and may hinder forensic analysis after an attack succeeds.
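The weakness class described above, shown as an added example that is not from the advisory or from Fortinet: a minimal login handler that silently drops failed attempts (the CWE-778 pattern), beside a hardened handler that writes a structured audit record for every failure, counts failures per source, and refuses further attempts once a threshold is reached. The user store, password, source address, threshold and window are constructed placeholders.

```python
"""Added example (not from the advisory or from Fortinet): CWE-778 in a login
handler, and a hardened handler that logs and counts failed attempts.
All credentials, addresses and thresholds are constructed placeholders."""
import hashlib
import hmac
import logging
import time
from collections import defaultdict

# Constructed user store: username -> SHA-256 of a placeholder password.
# (A production system would use a salted, slow hash such as argon2 or bcrypt.)
USERS = {"admin": hashlib.sha256(b"placeholder-password").hexdigest()}


def _check(username, password):
    """Constant-time comparison of the supplied password against the store."""
    digest = hashlib.sha256(password.encode()).hexdigest()
    expected = USERS.get(username)
    return expected is not None and hmac.compare_digest(digest, expected)


def login_unlogged(username, password, source_ip):
    """Vulnerable pattern (CWE-778): a wrong password simply returns False.
    Nothing is written to an audit log and nothing counts the failures,
    so repeated guessing leaves no trace for detection or forensics."""
    return _check(username, password)


class ListHandler(logging.Handler):
    """Collects formatted log lines in memory so the example runs offline."""

    def __init__(self):
        super().__init__()
        self.lines = []

    def emit(self, record):
        self.lines.append(self.format(record))


class AuditedAuth:
    """Hardened pattern: every outcome is logged with user and source, failures
    are counted per source inside a sliding window, and a source that exceeds
    the threshold is refused until the window has passed."""

    def __init__(self, logger, max_failures=5, window_seconds=300):
        self.logger = logger
        self.max_failures = max_failures
        self.window = window_seconds
        self.failures = defaultdict(list)  # source_ip -> [failure timestamps]

    def _recent_failures(self, source_ip, now):
        cutoff = now - self.window
        self.failures[source_ip] = [t for t in self.failures[source_ip] if t > cutoff]
        return len(self.failures[source_ip])

    def login(self, username, password, source_ip, now=None):
        """Returns 'ok', 'failed' or 'blocked'; `now` is injectable for testing."""
        now = time.time() if now is None else now
        if self._recent_failures(source_ip, now) >= self.max_failures:
            self.logger.warning("auth_blocked user=%s src=%s reason=too_many_failures",
                                username, source_ip)
            return "blocked"
        if _check(username, password):
            self.logger.info("auth_success user=%s src=%s", username, source_ip)
            return "ok"
        self.failures[source_ip].append(now)
        count = len(self.failures[source_ip])
        self.logger.warning("auth_failure user=%s src=%s count=%d",
                            username, source_ip, count)
        return "failed"


def make_audited_auth(max_failures=3):
    """Builds an AuditedAuth wired to an in-memory log; returns (auth, log_lines)."""
    handler = ListHandler()
    handler.setFormatter(logging.Formatter("%(levelname)s %(message)s"))
    logger = logging.getLogger(f"audit-example-{id(handler)}")
    logger.handlers = [handler]
    logger.setLevel(logging.INFO)
    logger.propagate = False
    return AuditedAuth(logger, max_failures=max_failures), handler.lines


if __name__ == "__main__":
    auth, lines = make_audited_auth(max_failures=3)
    for _ in range(4):  # constructed burst of bad guesses from one source
        auth.login("admin", "wrong", "192.0.2.10")
    print("\n".join(lines))
```

The key difference is the `auth_failure` record: it carries the user, the source and a running count, which is what a SIEM rule or an incident responder needs to notice a credential-guessing burst. The counter only adds a limit on top of that; logging alone is what CWE-778 is about.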
Products Associated with CVE-2022-30305
Affected Versions
Fortinet FortiSandbox:
- Version 4.0.0, <= 4.0.2 is affected.
- Version 3.2.0, <= 3.2.3 is affected.
- Version 3.1.0, <= 3.1.5 is affected.
Fortinet FortiDeceptor:
- Version 4.2.0 is affected.
- Version 4.1.0, <= 4.1.1 is affected.
- Version 4.0.0, <= 4.0.2 is affected.
- Version 3.3.0, <= 3.3.3 is affected.
- Version 3.2.0, <= 3.2.2 is affected.
- Version 3.1.0, <= 3.1.1 is affected.
- Version 3.0.0, <= 3.0.2 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.