CVE-2022-30305

HIGH Year: 2022
CVSS v3 Score
7.5
High
Weakness Type
CWE-778
View all →

Vulnerability Description

An insufficient logging [CWE-778] vulnerability in FortiSandbox versions 4.0.0 to 4.0.2, 3.2.0 to 3.2.3 and 3.1.0 to 3.1.5 and FortiDeceptor versions 4.2.0, 4.1.0 through 4.1.1, 4.0.0 through 4.0.2, 3.3.0 through 3.3.3, 3.2.0 through 3.2.2,3.1.0 through 3.1.1 and 3.0.0 through 3.0.2 may allow a remote attacker to repeatedly enter incorrect credentials without causing a log entry, and with no limit on the number of failed authentication attempts.

Related Vulnerabilities

CVE-2019-7613

HIGH
CVSS:7.5(High)

Winlogbeat versions before 5.6.16 and 6.6.2 had an insufficient logging flaw. An attacker able to inject certain characters into a log entry could prevent Winlogbeat from recording the event.

CWE-7782019

CVE-2021-43419

HIGH
CVSS:7.5(High)

An Information Disclosure vulnerability exists in Opay Mobile application 1.5.1.26 and maybe be higher in the logcat app.

CWE-7782021

CVE-2023-1995

HIGH
CVSS:7.5(High)

Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-2...

CWE-7782023

CVE-2019-19277

MEDIUM
CVSS:6.5(Medium)

A vulnerability has been identified in SIPORT MP (All versions < 3.1.4). Vulnerable versions of the device allow the creation of special accounts ("service users") with administrative privileges that ...

CWE-7782019

CVE-2024-48967

CRITICAL
CVSS:10.0(Critical)

The ventilator and the Service PC lack sufficient audit logging capabilities to allow for detection of malicious activity and subsequent forensic examination. An attacker with access to the ventilator...

CWE-7782024

CVE-2019-7613

HIGH
CVSS:7.5(High)

Winlogbeat versions before 5.6.16 and 6.6.2 had an insufficient logging flaw. An attacker able to inject certain characters into a log entry could prevent Winlogbeat from recording the event.

CWE-7782019