Search criteria
6 vulnerabilities found for fortios_ips_engine by fortinet
FKIE_CVE-2023-40718
Vulnerability from fkie_nvd - Published: 2023-10-10 17:15 - Updated: 2024-11-21 08:20
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/psirt/FG-IR-23-090 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/psirt/FG-IR-23-090 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios_ips_engine | * | |
| fortinet | fortios | * | |
| fortinet | fortios_ips_engine | * | |
| fortinet | fortios | * | |
| fortinet | fortios_ips_engine | * | |
| fortinet | fortios | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortios_ips_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76621CA9-15A3-45C7-89F6-00FF2F0DB7B5",
"versionEndIncluding": "7.312",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7582B2FF-8EDC-4599-96F3-CFA7BAE1FCF5",
"versionEndExcluding": "7.2.4",
"versionStartIncluding": "7.2.0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortios_ips_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E527DD20-7553-4CAD-BFFF-02D2C4DFFADC",
"versionEndIncluding": "7.165",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39A6C2A7-21A4-4BB5-A3B6-9466E5CEA296",
"versionEndExcluding": "7.0.12",
"versionStartIncluding": "7.0.0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortios_ips_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E17821E5-7836-4EEA-A383-66CBCD45B258",
"versionEndIncluding": "6.158",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B153B056-24AE-41C4-B644-65E080C18360",
"versionEndExcluding": "6.4.13",
"versionStartIncluding": "6.4.0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets."
},
{
"lang": "es",
"value": "Un conflicto de interpretaci\u00f3n en las versiones 7.321, 7.166 y 6.158 de Fortinet IPS Engine permite a un atacante evadir las funciones de IPS a trav\u00e9s de paquetes TCP manipulados."
}
],
"id": "CVE-2023-40718",
"lastModified": "2024-11-21T08:20:01.453",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-10T17:15:12.560",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-090"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-090"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-436"
}
],
"source": "psirt@fortinet.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-436"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-5592
Vulnerability from fkie_nvd - Published: 2019-08-23 20:15 - Updated: 2024-11-21 04:45
Severity ?
Summary
Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below, when configured with SSL Deep Inspection policies and with the IPS sensor enabled, may allow an attacker to decipher TLS connections going through the FortiGate via monitoring the traffic in a Man-in-the-middle position.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@fortinet.com | https://fortiguard.com/advisory/FG-IR-19-145 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://fortiguard.com/advisory/FG-IR-19-145 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortinet | fortios_ips_engine | * | |
| fortinet | fortios_ips_engine | * | |
| fortinet | fortios_ips_engine | * | |
| fortinet | fortios_ips_engine | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortinet:fortios_ips_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "830DC4A3-9C25-4314-9F20-BB6075605D69",
"versionEndIncluding": "3.00547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortios_ips_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB91C93-AFCA-4385-8999-71CB5BC1E6AA",
"versionEndIncluding": "4.00036",
"versionStartIncluding": "4.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortios_ips_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52FCCBD8-CD08-4C75-8029-740B1C452066",
"versionEndIncluding": "4.00219",
"versionStartIncluding": "4.00200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortios_ips_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E01C21FE-03D3-4374-8017-7CA189E3ED5A",
"versionEndIncluding": "5.00006",
"versionStartIncluding": "5.00000",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below, when configured with SSL Deep Inspection policies and with the IPS sensor enabled, may allow an attacker to decipher TLS connections going through the FortiGate via monitoring the traffic in a Man-in-the-middle position."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de relleno de Oracle (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) en la implementaci\u00f3n de relleno CBC de FortiOS IPS motor versi\u00f3n 5.000 a 5.006, 4.000 a 4.036, 4.200 a 4.219, 3.547 y menores, cuando se configura con pol\u00edticas de inspecci\u00f3n profunda SSL y con el sensor IPS habilitado puede permitir que un atacante descifre las conexiones TLS que atraviesan el FortiGate a trav\u00e9s del monitoreo del tr\u00e1fico en una posici\u00f3n de hombre en el medio."
}
],
"id": "CVE-2019-5592",
"lastModified": "2024-11-21T04:45:11.663",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-23T20:15:10.347",
"references": [
{
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-145"
}
],
"sourceIdentifier": "psirt@fortinet.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-40718 (GCVE-0-2023-40718)
Vulnerability from cvelistv5 – Published: 2023-10-10 16:49 – Updated: 2024-09-18 19:03
VLAI?
Summary
A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets.
Severity ?
CWE
- CWE-436 - Improper access control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | IPS Engine |
Affected:
7.321
Affected: 7.166 Affected: 6.158 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:51.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-090",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-090"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortios_ips_engine:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios_ips_engine",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.321",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.166",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.158",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40718",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T18:59:54.335454Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T19:03:01.519Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Engine",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.321"
},
{
"status": "affected",
"version": "7.166"
},
{
"status": "affected",
"version": "6.158"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:F/RL:O/RC:R",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-436",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-10T16:49:04.727Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-090",
"url": "https://fortiguard.com/psirt/FG-IR-23-090"
}
],
"solutions": [
{
"lang": "en",
"value": "IPS Engine manual download is not needed unless device is offline and cannot download IPS Engine update automatically.\nFixed in IPS Engine version 6.0159 and later.\r\n\u00a0 FortiOS 6.4.13 and later contains IPS engine 6.0160 as the default IPS Engine.\r\n\u00a0 IPS Engine 6.0162 is downloadable from FortiGuard by FortiGate units with a valid subscription running FortiOS 6.4.x.\nFixed in IPS Engine version 7.0166 and later.\r\n\u00a0 FortiOS 7.0.12 and later contains IPS engine 7.0167 as the default IPS Engine.\nFixed in IPS Engine version 7.0313 and later.\r\n\u00a0 FortiOS 7.2.5 and later contains IPS engine 7.0314 as the default IPS Engine.\r\n\u00a0 IPS Engine 7.0322 is downloadable from FortiGuard by FortiGate units with a valid subscription running FortiOS 7.2.x.\nFortiOS 7.4.0 and later contains IPS engine 7.0493 as the default IPS Engine.\n\u00a0"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-40718",
"datePublished": "2023-10-10T16:49:04.727Z",
"dateReserved": "2023-08-21T09:03:44.315Z",
"dateUpdated": "2024-09-18T19:03:01.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5592 (GCVE-0-2019-5592)
Vulnerability from cvelistv5 – Published: 2019-08-23 19:52 – Updated: 2024-10-25 14:05
VLAI?
Summary
Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below, when configured with SSL Deep Inspection policies and with the IPS sensor enabled, may allow an attacker to decipher TLS connections going through the FortiGate via monitoring the traffic in a Man-in-the-middle position.
Severity ?
No CVSS data available.
CWE
- Information disclosure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Fortinet IPS Engine |
Affected:
IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:01:51.757Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-145"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-5592",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:59:49.317412Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:05:55.461Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet IPS Engine",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below, when configured with SSL Deep Inspection policies and with the IPS sensor enabled, may allow an attacker to decipher TLS connections going through the FortiGate via monitoring the traffic in a Man-in-the-middle position."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-23T19:52:17",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-145"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2019-5592",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet IPS Engine",
"version": {
"version_data": [
{
"version_value": "IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below, when configured with SSL Deep Inspection policies and with the IPS sensor enabled, may allow an attacker to decipher TLS connections going through the FortiGate via monitoring the traffic in a Man-in-the-middle position."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-19-145",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-19-145"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2019-5592",
"datePublished": "2019-08-23T19:52:17",
"dateReserved": "2019-01-07T00:00:00",
"dateUpdated": "2024-10-25T14:05:55.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40718 (GCVE-0-2023-40718)
Vulnerability from nvd – Published: 2023-10-10 16:49 – Updated: 2024-09-18 19:03
VLAI?
Summary
A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets.
Severity ?
CWE
- CWE-436 - Improper access control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortinet | IPS Engine |
Affected:
7.321
Affected: 7.166 Affected: 6.158 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:51.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-090",
"tags": [
"x_transferred"
],
"url": "https://fortiguard.com/psirt/FG-IR-23-090"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortios_ips_engine:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fortios_ips_engine",
"vendor": "fortinet",
"versions": [
{
"lessThanOrEqual": "7.321",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.166",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.158",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40718",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-18T18:59:54.335454Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T19:03:01.519Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IPS Engine",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.321"
},
{
"status": "affected",
"version": "7.166"
},
{
"status": "affected",
"version": "6.158"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:F/RL:O/RC:R",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-436",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-10T16:49:04.727Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-090",
"url": "https://fortiguard.com/psirt/FG-IR-23-090"
}
],
"solutions": [
{
"lang": "en",
"value": "IPS Engine manual download is not needed unless device is offline and cannot download IPS Engine update automatically.\nFixed in IPS Engine version 6.0159 and later.\r\n\u00a0 FortiOS 6.4.13 and later contains IPS engine 6.0160 as the default IPS Engine.\r\n\u00a0 IPS Engine 6.0162 is downloadable from FortiGuard by FortiGate units with a valid subscription running FortiOS 6.4.x.\nFixed in IPS Engine version 7.0166 and later.\r\n\u00a0 FortiOS 7.0.12 and later contains IPS engine 7.0167 as the default IPS Engine.\nFixed in IPS Engine version 7.0313 and later.\r\n\u00a0 FortiOS 7.2.5 and later contains IPS engine 7.0314 as the default IPS Engine.\r\n\u00a0 IPS Engine 7.0322 is downloadable from FortiGuard by FortiGate units with a valid subscription running FortiOS 7.2.x.\nFortiOS 7.4.0 and later contains IPS engine 7.0493 as the default IPS Engine.\n\u00a0"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-40718",
"datePublished": "2023-10-10T16:49:04.727Z",
"dateReserved": "2023-08-21T09:03:44.315Z",
"dateUpdated": "2024-09-18T19:03:01.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5592 (GCVE-0-2019-5592)
Vulnerability from nvd – Published: 2019-08-23 19:52 – Updated: 2024-10-25 14:05
VLAI?
Summary
Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below, when configured with SSL Deep Inspection policies and with the IPS sensor enabled, may allow an attacker to decipher TLS connections going through the FortiGate via monitoring the traffic in a Man-in-the-middle position.
Severity ?
No CVSS data available.
CWE
- Information disclosure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Fortinet IPS Engine |
Affected:
IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:01:51.757Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-145"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-5592",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:59:49.317412Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T14:05:55.461Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Fortinet IPS Engine",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below, when configured with SSL Deep Inspection policies and with the IPS sensor enabled, may allow an attacker to decipher TLS connections going through the FortiGate via monitoring the traffic in a Man-in-the-middle position."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-23T19:52:17",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://fortiguard.com/advisory/FG-IR-19-145"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@fortinet.com",
"ID": "CVE-2019-5592",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Fortinet IPS Engine",
"version": {
"version_data": [
{
"version_value": "IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below, when configured with SSL Deep Inspection policies and with the IPS sensor enabled, may allow an attacker to decipher TLS connections going through the FortiGate via monitoring the traffic in a Man-in-the-middle position."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-19-145",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-19-145"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2019-5592",
"datePublished": "2019-08-23T19:52:17",
"dateReserved": "2019-01-07T00:00:00",
"dateUpdated": "2024-10-25T14:05:55.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}