A read-only administrator on Fortinet devices with FortiOS 5.2.x prior to 5.2.10 GA and 5.4.x prior to 5.4.2 GA may have access to read-write administrators password hashes (not including super-admins) stored on the appliance via the webui REST API, and may therefore be able to crack them.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortios 5.4.1 |
||
fortinet fortios 5.4.0 |
||
fortinet fortios 5.2.6 |
||
fortinet fortios 5.2.7 |
||
fortinet fortios 5.2.4 |
||
fortinet fortios 5.2.5 |
||
fortinet fortios 5.2.0 |
||
fortinet fortios 5.2.1 |
||
fortinet fortios 5.2.8 |
||
fortinet fortios 5.2.9 |
||
fortinet fortios 5.2.2 |
||
fortinet fortios 5.2.3 |