Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Mark_Feng
New Contributor

CVE-2022-0778 vulnerability issue

Vul of CVE-2022-0778 found at 2022-03-15 (https://www.openssl.org/news/secadv/20220315.txt),

 

The openssl version is affects :1.0.2, 1.1.1 and 3.0

 

It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022.

 

OpenSSL 1.0.2 users should upgrade to 1.0.2zd (premium support customers only)

OpenSSL 1.1.1 users should upgrade to 1.1.1n

OpenSSL 3.0 users should upgrade to 3.0.2

 

Does Forti Product is affected by this Vul ?

1 Solution
Stelios_FTNT
Staff
Staff
5 REPLIES 5
sharmaj
Staff
Staff

Hi,

Fortinet related products I believe are not directly affected by this.

However, if you are working with Certificate based authentication on SSL VPN, you might still be open to vulnerabilities

Suggestion would be to go with upgrade of OpenSSL as mentioned in order to avoid this .

Jay sharma
Mark_Feng

Thanks for your reply.

 

Will Fortinet make a PSIRT  about it?   

 

sharmaj

If this vulnerability is found to be affecting Fortinet related products, then the advisory will be released pertaining to that

Jay sharma
Stelios_FTNT
Staff
Staff

PSIRT Advisory has been published:
https://fortiguard.fortinet.com/psirt/FG-IR-22-059

MarthaRich
New Contributor

I want to know the solution for my CVE-2022-0778 vulnerability issue. And I am really very happy after finding your post. I was looking for business plans for starting a flower shop business and while searching for them online, I have found your post.

Top Kudoed Authors