CVE-2022-29054

LOW Year: 2022
CVSS v3 Score
3.3
Low
Weakness Type
CWE-329
View all →

Vulnerability Description

A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.9, 6.2.x and 6.0.x may allow an attacker in possession of the encrypted key to decipher it.

Related Vulnerabilities

CVE-2017-3225

MEDIUM
CVSS:4.6(Medium)

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may a...

CWE-3292017

CVE-2022-46397

HIGH
CVSS:7.5(High)

FP.io VPP (Vector Packet Processor) 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 Generates a Predictable IV with CBC Mode.

CWE-3292022

CVE-2020-5408

MEDIUM
CVSS:6.5(Medium)

Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the ...

CWE-3292020

CVE-2017-3226

MEDIUM
CVSS:6.4(Medium)

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption (i.e., setti...

CWE-3292017

CVE-2021-27499

MEDIUM
CVSS:5.9(Medium)

Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed mylife App: All versions prior to 1.7.5,The application layer encryption of the communicatio...

CWE-3292021

CVE-2017-3225

MEDIUM
CVSS:4.6(Medium)

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may a...

CWE-3292017