CVE: CVE-2022-26117

Export to Word

An empty password in configuration file vulnerability [CWE-258] in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.3 and below may allow an authenticated attacker to access the MySQL databases via the CLI.

Threat-Mapped Scoring

Score: 3.0

Priority: P2 - Serious (High)

S1 – Steal Customer Account Information

EPSS

Score: 0.00495
Percentile: 0.64747

CVSS Scoring

CVSS v3.1 Score: 8.8

Severity: HIGH

Mapped CWE(s)

CWE-521 : Weak Password Requirements

All CAPEC(s)

CAPEC-112: Brute Force
CAPEC-16: Dictionary-based Password Attack
CAPEC-49: Password Brute Forcing
CAPEC-509: Kerberoasting
CAPEC-55: Rainbow Table Password Cracking
CAPEC-555: Remote Services with Stolen Credentials
CAPEC-561: Windows Admin Shares with Stolen Credentials
CAPEC-565: Password Spraying
CAPEC-70: Try Common or Default Usernames and Passwords

CAPEC(s) with Mapped TTPs

CAPEC-112: Brute Force
Mapped TTPs:
- T1110 : Brute Force
CAPEC-49: Password Brute Forcing
Mapped TTPs:
- T1110.001 : Password Guessing
CAPEC-509: Kerberoasting
Mapped TTPs:
- T1558.003 : Kerberoasting
CAPEC-55: Rainbow Table Password Cracking
Mapped TTPs:
- T1110.002 : Password Cracking
CAPEC-555: Remote Services with Stolen Credentials
Mapped TTPs:
- T1021 : Remote Services
- T1114.002 : Remote Email Collection
- T1133 : External Remote Services
CAPEC-561: Windows Admin Shares with Stolen Credentials
Mapped TTPs:
- T1021.002 : SMB/Windows Admin Shares
CAPEC-565: Password Spraying
Mapped TTPs:
- T1110.003 : Password Spraying
CAPEC-70: Try Common or Default Usernames and Passwords
Mapped TTPs:
- T1078.001 : Default Accounts

Mapped ATT&CK TTPs

T1110 : Brute Force
Kill Chain: credential-access
T1110.001 : Password Guessing
Kill Chain: credential-access
T1558.003 : Kerberoasting
Kill Chain: credential-access
T1110.002 : Password Cracking
Kill Chain: credential-access
T1021 : Remote Services
Kill Chain: lateral-movement
T1114.002 : Remote Email Collection
Kill Chain: collection
T1133 : External Remote Services
Kill Chain: persistence
T1021.002 : SMB/Windows Admin Shares
Kill Chain: lateral-movement
T1110.003 : Password Spraying
Kill Chain: credential-access
T1078.001 : Default Accounts
Kill Chain: defense-evasion

Malware

APTs Threat Group Associations

Campaigns

C0027
Operation Wocao
ArcaneDoor
SolarWinds Compromise
Operation CuckooBees
CostaRicto
2016 Ukraine Electric Power Attack
2015 Ukraine Electric Power Attack
Operation Dream Job
APT28 Nearest Neighbor Campaign
Night Dragon
Leviathan Australian Intrusions
Operation MidnightEclipse
C0032
HomeLand Justice
Cutting Edge

Affected Products

cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortinac:8.3.7:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortinac:8.5.4:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortinac:8.6.0:*:*:*:*:*:*:*

← Back to Home