Detections
Analytics
Fortinet FortiOS 5.2.x < 5.2.10 / 5.4.1 < 5.4.2 Local Password Hash Disclosure (FG-IR-16-050)
medium Nessus Plugin ID 97066
Language:
Synopsis
The remote host is affected by a local information disclosure vulnerability.Description
The remote FortiGate device is running a version of FortiOS that is 5.2.x prior to 5.2.10, or else it is running version 5.4.1. It is, therefore, affected by a local information disclosure vulnerability due to a failure to properly protect password hashes stored on the device. A local attacker can exploit this to obtain password hashes of other users on the device, allowing the attacker to possibly obtain user passwords, including the passwords of super-admin users.Solution
Upgrade to Fortinet FortiOS 5.2.10 / 5.4.2 or later.See Also
https://fortiguard.com/psirt/FG-IR-16-050
https://labs.mwrinfosecurity.com/advisories/fortigate-hash/
https://tools.cisco.com/security/center/viewAlert.x?alertId=50993
Plugin Details
Severity: Medium
ID: 97066
File Name: fortios_FG-IR-16-050.nasl
Version: 1.6
Type: local
Family: Firewalls
Published: 2/8/2017
Updated: 11/13/2019
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 4
Temporal Score: 3
Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N
CVSS Score Source: CVE-2016-7542
CVSS v3
Risk Factor: Medium
Base Score: 4.9
Temporal Score: 4.3
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:fortinet:fortios
Required KB Items: Host/Fortigate/model, Host/Fortigate/version
Exploit Ease: No known exploits are available
Patch Publication Date: 12/2/2016
Vulnerability Publication Date: 12/2/2016
Reference Information
CVE: CVE-2016-7542
BID: 94690