CVE-2022-0778 vulnerability issue

Forum|Forum|4 years ago
March 19, 2022
3 replies
10810 views

Vul of CVE-2022-0778 found at 2022-03-15 (https://www.openssl.org/news/secadv/20220315.txt),

The openssl version is affects :1.0.2, 1.1.1 and 3.0

It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022.

OpenSSL 1.0.2 users should upgrade to 1.0.2zd (premium support customers only)

OpenSSL 1.1.1 users should upgrade to 1.1.1n

OpenSSL 3.0 users should upgrade to 3.0.2

Does Forti Product is affected by this Vul ?

Best answer by Stelios_FTNT

PSIRT Advisory has been published:
https://fortiguard.fortinet.com/psirt/FG-IR-22-059

sharmaj

Staff

Hi,

Fortinet related products I believe are not directly affected by this.

However, if you are working with Certificate based authentication on SSL VPN, you might still be open to vulnerabilities

Suggestion would be to go with upgrade of OpenSSL as mentioned in order to avoid this .

Mark_FengAuthor

New Member

Thanks for your reply.

Will Fortinet make a PSIRT about it?

sharmaj

Staff

If this vulnerability is found to be affecting Fortinet related products, then the advisory will be released pertaining to that

Stelios_FTNTAnswer

Staff

PSIRT Advisory has been published:
https://fortiguard.fortinet.com/psirt/FG-IR-22-059

MarthaRich

New Member

I want to know the solution for my CVE-2022-0778 vulnerability issue. And I am really very happy after finding your post. I was looking for business plans for starting a flower shop business and while searching for them online, I have found your post.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded