FortiDevSec
FortiDevSec is an application security testing product that offers comprehensive SaaS-based continuous application testing for software developers and DevOps teams, without the need for any security expertise.
dmaciejak
Staff
Article Id 243284
Description

This article describes how FortiDevSec detects the OpenSSL X.509 certificate verification buffer overflow vulnerabilities (CVE-2022-3602 and CVE-2022-3786).

 

CVE-2022-3602 and CVE-2022-3786 are two buffer overflow vulnerabilities in OpenSSL, a widely used open-source cryptographic library. Both affect OpenSSL 3.0.0 through 3.0.6 (OpenSSL 1.1.1 and earlier are not affected) and are fixed in OpenSSL 3.0.7. Both are triggered in the X.509 certificate verification code, specifically in the punycode decoding used when checking name constraints, and the overflow only happens after the certificate chain signature has been checked, so an attacker needs a certificate signed by a CA the target trusts, or an application that continues despite a verification failure. A TLS client is exposed when it connects to a malicious server; a TLS server is exposed when it requests client authentication and a malicious client connects.

Both vulnerabilities can crash the affected process, allowing an attacker to impact the availability of the service. CVE-2022-3602 (a 4-byte stack overflow) was initially rated critical as a potential remote code execution vector before the OpenSSL project downgraded it to high severity, since stack overflow protections on most platforms make it hard to turn into more than a crash; CVE-2022-3786 only allows a denial of service. In the worst case, an attacker could still gain control of the target, so affected OpenSSL versions should be updated.

Scope

FortiDevSec Container scanner since version 22.4.a.

Solution

Both vulnerabilities are detected by the FortiDevSec Container scanner, which identifies OS packages and open-source dependencies in every layer of the container image provided and flags affected OpenSSL versions.
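The following is an added example, not FortiDevSec code and not part of the original article: a manual check of the kind the container scanner automates. It parses the `openssl version` banner, decides whether a version string falls in the affected 3.0.0 to 3.0.6 range, and scans a constructed list of OS package name/version pairs (shaped like entries from a layer's dpkg or rpm database, not real scanner output). All function names and the sample data are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not part of the FortiDevSec product or this article):
# a version-based check for CVE-2022-3602 / CVE-2022-3786.
# Affected: OpenSSL 3.0.0 through 3.0.6. Fixed: 3.0.7. OpenSSL 1.1.1 and
# earlier never contained the vulnerable punycode code path.

# Extract the version token from an `openssl version` banner, e.g.
# "OpenSSL 3.0.5 5 Jul 2022" -> "3.0.5"
openssl_version_from_banner() {
    printf '%s\n' "$1" | awk '{print $2}'
}

# Return 0 (true) if the version string is in the affected range.
# Accepts bare upstream versions ("3.0.6") and distribution package
# versions with a suffix ("3.0.2-0ubuntu1.6"); "3.0.10" is not affected.
openssl_affected() {
    case "$1" in
        3.0.[0-6]) return 0 ;;
        3.0.[0-6][!0-9]*) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample (not real scanner output): "package version" per line,
# as they would appear when listing a layer's installed OS packages.
SAMPLE_PACKAGES='libssl3 3.0.2-0ubuntu1.6
openssl 3.0.7-1
libssl1.1 1.1.1n-0+deb11u3
curl 7.81.0-1ubuntu1.4
openssl 3.0.6'

# Print one "AFFECTED <package> <version>" line for every OpenSSL package
# whose version is in the affected range.
scan_packages() {
    printf '%s\n' "$1" | while read -r pkg ver; do
        [ -n "$pkg" ] || continue
        case "$pkg" in
            openssl*|libssl*) ;;   # only OpenSSL library/CLI packages
            *) continue ;;
        esac
        if openssl_affected "$ver"; then
            printf 'AFFECTED %s %s\n' "$pkg" "$ver"
        fi
    done
}

# Number of affected packages found in a package list.
count_affected() {
    scan_packages "$1" | awk 'END { print NR }'
}

# Stand-alone usage: scan the constructed sample and exit non-zero if any
# affected package was found, so the check can gate a CI pipeline.
if [ "${1:-}" = "--demo" ]; then
    scan_packages "$SAMPLE_PACKAGES"
    [ "$(count_affected "$SAMPLE_PACKAGES")" -eq 0 ] || exit 1
fi
```

A version-only check of this kind is a first pass, not a verdict: Linux distributions backport security fixes without changing the upstream version number, so a patched distribution package may still report 3.0.2 and be flagged here even though it is no longer vulnerable. A scanner that matches packages against the distribution's own security advisories avoids that false positive, which is why the package inventory per layer matters more than the bare OpenSSL version string.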

 

The container scanner is enabled by default.

 

A step-by-step guide on how to scan an application is available in the FortiDevSec user guide.

 

For more details on mitigating these vulnerabilities with Fortinet products, refer to the FortiGuard outbreak alert:

https://www.fortiguard.com/outbreak-alert/openssl-buffer-overflow

Contributors