RSA SSH host key lost at shutdown

RSA SSH host key lost at shutdown Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-22-228 Final 1 1 2022-11-01T00:00:00 Current version 2022-11-01T00:00:00 2022-11-01T00:00:00 A key management error vulnerability [CWE-320] affecting the RSA SSH host key in FortiOS may allow an unauthenticated attacker to perform a man in the middle attack. None Improper access control FortiProxy version 7.2.0 through 7.2.1FortiProxy version 7.0.0 through 7.0.7FortiProxy 2.0 all versionsFortiProxy 1.2 all versionsFortiProxy 1.1 all versionsAt leastFortiOS version 7.2.0FortiOS version 7.0.1 through 7.0.6FortiOS version 6.4.0 through 6.4.9FortiOS 6.2 all versions are not affected Please upgrade to FortiOS version 7.2.2 or abovePlease upgrade to FortiOS version 7.0.8 or abovePlease upgrade to FortiOS version 6.4.10 or abovePlease upgrade to FortiProxy version 7.2.2 or abovePlease upgrade to FortiProxy version 7.0.8 or above Fortinet is pleased to thank Samuel Leslie for bringing this issue to our attention under responsible disclosure. FortiOS 7.2.0 FortiOS 7.0.6 FortiOS 7.0.5 FortiOS 7.0.4 FortiOS 7.0.3 FortiOS 7.0.2 FortiOS 7.0.1 FortiOS 6.4.9 FortiOS 6.4.8 FortiOS 6.4.7 FortiOS 6.4.6 FortiOS 6.4.5 FortiOS 6.4.4 FortiOS 6.4.3 FortiOS 6.4.2 FortiOS 6.4.1 FortiOS 6.4.0 FortiProxy 7.2.1 FortiProxy 7.2.0 FortiProxy 7.0.7 FortiProxy 7.0.6 FortiProxy 7.0.5 FortiProxy 7.0.4 FortiProxy 7.0.3 FortiProxy 7.0.2 FortiProxy 7.0.1 FortiProxy 7.0.0 FortiProxy 2.0.14 FortiProxy 2.0.13 FortiProxy 2.0.12 FortiProxy 2.0.11 FortiProxy 2.0.10 FortiProxy 2.0.9 FortiProxy 2.0.8 FortiProxy 2.0.7 FortiProxy 2.0.6 FortiProxy 2.0.5 FortiProxy 2.0.4 FortiProxy 2.0.3 FortiProxy 2.0.2 FortiProxy 2.0.1 FortiProxy 2.0.0 FortiProxy 1.2.13 FortiProxy 1.2.12 FortiProxy 1.2.11 FortiProxy 1.2.10 FortiProxy 1.2.9 FortiProxy 1.2.8 FortiProxy 1.2.7 FortiProxy 1.2.6 FortiProxy 1.2.5 FortiProxy 1.2.4 FortiProxy 1.2.3 FortiProxy 1.2.2 FortiProxy 1.2.1 FortiProxy 1.2.0 FortiProxy 1.1.6 FortiProxy 1.1.5 FortiProxy 1.1.4 FortiProxy 1.1.3 FortiProxy 1.1.2 FortiProxy 1.1.1 FortiProxy 1.1.0 RSA SSH host key lost at shutdown CVE-2022-30307 FortiOS-7.2.0 FortiOS-7.0.6 FortiOS-7.0.5 FortiOS-7.0.4 FortiOS-7.0.3 FortiOS-7.0.2 FortiOS-7.0.1 FortiOS-6.4.9 FortiOS-6.4.8 FortiOS-6.4.7 FortiOS-6.4.6 FortiOS-6.4.5 FortiOS-6.4.4 FortiOS-6.4.3 FortiOS-6.4.2 FortiOS-6.4.1 FortiOS-6.4.0 FortiProxy-7.2.1 FortiProxy-7.2.0 FortiProxy-7.0.7 FortiProxy-7.0.6 FortiProxy-7.0.5 FortiProxy-7.0.4 FortiProxy-7.0.3 FortiProxy-7.0.2 FortiProxy-7.0.1 FortiProxy-7.0.0 FortiProxy-2.0.14 FortiProxy-2.0.13 FortiProxy-2.0.12 FortiProxy-2.0.11 FortiProxy-2.0.10 FortiProxy-2.0.9 FortiProxy-2.0.8 FortiProxy-2.0.7 FortiProxy-2.0.6 FortiProxy-2.0.5 FortiProxy-2.0.4 FortiProxy-2.0.3 FortiProxy-2.0.2 FortiProxy-2.0.1 FortiProxy-2.0.0 FortiProxy-1.2.13 FortiProxy-1.2.12 FortiProxy-1.2.11 FortiProxy-1.2.10 FortiProxy-1.2.9 FortiProxy-1.2.8 FortiProxy-1.2.7 FortiProxy-1.2.6 FortiProxy-1.2.5 FortiProxy-1.2.4 FortiProxy-1.2.3 FortiProxy-1.2.2 FortiProxy-1.2.1 FortiProxy-1.2.0 FortiProxy-1.1.6 FortiProxy-1.1.5 FortiProxy-1.1.4 FortiProxy-1.1.3 FortiProxy-1.1.2 FortiProxy-1.1.1 FortiProxy-1.1.0 3.8 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L/E:U/RL:U/RC:R https://fortiguard.fortinet.com/psirt/FG-IR-22-228 RSA SSH host key lost at shutdown Reference>