var-202003-0525
Vulnerability from variot
An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, and 6.0.8 and below (down to 5.4.0) under the admin webUI may allow an attacker to perform a URL redirect attack via a specifically crafted request to the admin initial password change webpage. An open redirect vulnerability exists in FortiOS. Information may be obtained and tampered with. Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSL VPN, web content filtering and anti-spam. An attacker could exploit this vulnerability to redirect users to malicious websites. The record below classifies the issue as CWE-601 with a CVSS 3.1 base score of 6.1 and user interaction required, and lists the vendor advisory FG-IR-19-179 as the patch reference. The following products and versions are affected: FortiOS 6.2.1, 6.2.0, 5.4.0 to 6.0.8
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202003-0525", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "fortios", "scope": "eq", "trust": 1.8, "vendor": "fortinet", "version": "6.2.0" }, { "model": "fortios", "scope": "eq", "trust": 1.8, "vendor": "fortinet", "version": "6.2.1" }, { "model": "fortios", "scope": "gte", "trust": 1.0, "vendor": "fortinet", 
"version": "5.4.0" }, { "model": "fortios", "scope": "lte", "trust": 1.0, "vendor": "fortinet", "version": "6.0.8" }, { "model": "fortios", "scope": "eq", "trust": 0.8, "vendor": "fortinet", "version": "5.4.0 \u304b\u3089 6.0.8" }, { "model": "fortios", "scope": "eq", "trust": 0.8, "vendor": "fortinet", "version": "6.0.8" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-015076" }, { "db": "NVD", "id": "CVE-2019-6696" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "6.0.8", "versionStartIncluding": "5.4.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2019-6696" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Independent research team Denis Kolegov, Maxim Gorbunov, Nikita Oleksov and Anton Nikolaev", "sources": [ { "db": "CNNVD", "id": "CNNVD-202002-981" } ], "trust": 0.6 }, "cve": "CVE-2019-6696", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { 
"@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 4.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.8, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "JVNDB-2019-015076", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-158131", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 2.8, "impactScore": 2.7, "integrityImpact": "LOW", 
"privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 6.1, "baseSeverity": "Medium", "confidentialityImpact": "Low", "exploitabilityScore": null, "id": "JVNDB-2019-015076", "impactScore": null, "integrityImpact": "Low", "privilegesRequired": "None", "scope": "Changed", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2019-6696", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "JVNDB-2019-015076", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-202002-981", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-158131", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-158131" }, { "db": "JVNDB", "id": "JVNDB-2019-015076" }, { "db": "NVD", "id": "CVE-2019-6696" }, { "db": "CNNVD", "id": "CNNVD-202002-981" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6.0.8 and below until 5.4.0 under admin webUI may allow an attacker to perform an URL redirect attack via a specifically crafted request to the admin initial password change webpage. FortiOS Exists in an open redirect vulnerability.Information may be obtained and tampered with. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. 
A security vulnerability exists in Fortinet FortiOS. An attacker could exploit this vulnerability to redirect users to malicious websites. The following products and versions are affected: FortiOS 6.2.1, 6.2.0, 5.4.0 to 6.0.8", "sources": [ { "db": "NVD", "id": "CVE-2019-6696" }, { "db": "JVNDB", "id": "JVNDB-2019-015076" }, { "db": "VULHUB", "id": "VHN-158131" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-6696", "trust": 2.5 }, { "db": "JVNDB", "id": "JVNDB-2019-015076", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202002-981", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2020.0596", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-158131", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-158131" }, { "db": "JVNDB", "id": "JVNDB-2019-015076" }, { "db": "NVD", "id": "CVE-2019-6696" }, { "db": "CNNVD", "id": "CNNVD-202002-981" } ] }, "id": "VAR-202003-0525", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-158131" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:35:43.784000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "FG-IR-19-179", "trust": 0.8, "url": "https://fortiguard.com/psirt/fg-ir-19-179" }, { "title": "Fortinet FortiOS Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=110238" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-015076" }, { "db": "CNNVD", "id": 
"CNNVD-202002-981" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-601", "trust": 1.9 }, { "problemtype": "CWE-20", "trust": 1.0 } ], "sources": [ { "db": "VULHUB", "id": "VHN-158131" }, { "db": "JVNDB", "id": "JVNDB-2019-015076" }, { "db": "NVD", "id": "CVE-2019-6696" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "https://fortiguard.com/psirt/fg-ir-19-179" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6696" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6696" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.0596/" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/fortios-open-redirect-via-admin-webui-initial-password-change-31633" } ], "sources": [ { "db": "VULHUB", "id": "VHN-158131" }, { "db": "JVNDB", "id": "JVNDB-2019-015076" }, { "db": "NVD", "id": "CVE-2019-6696" }, { "db": "CNNVD", "id": "CNNVD-202002-981" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-158131" }, { "db": "JVNDB", "id": "JVNDB-2019-015076" }, { "db": "NVD", "id": "CVE-2019-6696" }, { "db": "CNNVD", "id": "CNNVD-202002-981" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-03-15T00:00:00", "db": "VULHUB", "id": "VHN-158131" }, { "date": "2020-04-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-015076" }, { "date": "2020-03-15T23:15:11.470000", "db": "NVD", "id": 
"CVE-2019-6696" }, { "date": "2020-02-19T00:00:00", "db": "CNNVD", "id": "CNNVD-202002-981" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-03-19T00:00:00", "db": "VULHUB", "id": "VHN-158131" }, { "date": "2020-04-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-015076" }, { "date": "2021-07-21T11:39:23.747000", "db": "NVD", "id": "CVE-2019-6696" }, { "date": "2020-03-20T00:00:00", "db": "CNNVD", "id": "CNNVD-202002-981" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202002-981" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "FortiOS Open redirect vulnerability in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-015076" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202002-981" } ], "trust": 0.6 } }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.