Fortinet FortiMail < 5.0.9 / 5.1.6 / 5.2.4 HTTP Debug Information Disclosure

Medium | Nessus Plugin ID 82996

Synopsis

The remote host is affected by an information disclosure vulnerability.

Description

The remote host is running a version of FortiMail prior to 5.0.9 / 5.1.6 / 5.2.4. It is, therefore, affected by an information disclosure vulnerability: HTTP debug commands improperly write user credentials into the debug logs. A remote, authenticated attacker can use this to obtain user credentials entered in the admin WebGUI and webmail login page forms.

Solution

No fix is available as of this writing (2015/04/21).
The vendor plans to release FortiMail 5.0.9 / 5.1.6 / 5.2.4 to address the vulnerability.

See Also

https://fortiguard.com/psirt/FG-IR-15-009

Plugin Details

Severity: Medium

ID: 82996

File Name: fortimail_FG-IR-015-009.nasl

Version: 1.9

Type: local

Family: CGI abuses

Published: 4/22/2015

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: Medium

Base Score: 4

Temporal Score: 3.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:fortinet:fortimail

Required KB Items: Host/Fortigate/model, Host/Fortigate/version

Exploit Ease: No known exploits are available

Patch Publication Date: 4/10/2015

Vulnerability Publication Date: 4/10/2015

Reference Information

CVE: CVE-2015-3293

BID: 71543