This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
The remote host is affected by multiple vulnerabilities.
The remote host is running FortiOS prior to 4.3.16 or 5.x prior to
5.0.8. It is, therefore, affected by the following vulnerabilities :
- A flaw exists within the FortiManager service when
handling incoming requests. Using a specially crafted
request, a remote attacker can exploit this to cause a
denial of service or possibly execute arbitrary code.
- A flaw exists within the FortiManager communications
protocol that allows a man-in-the-middle attacker,
using an anonymous cipher suite, to acquire sensitive
information or otherwise impact host communications.
See also :
Upgrade to Fortinet FortiOS 4.3.16 / 5.0.8 / 5.2.0 or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : false