Fortinet FortiOS 5.0.x < 5.0.5 FortiToken Security Bypass
Medium Nessus Plugin ID 85738
SynopsisThe remote host is affected by a security bypass vulnerability.
DescriptionThe remote host is running a version of Fortinet FortiOS 5.0.x prior to 5.0.5. It is, therefore, affected by a security bypass vulnerability due to an unspecified flaw in FortiToken. An unauthenticated, remote attacker can exploit this to successfully authenticate even when a token is locked.
SolutionUpgrade to Fortinet FortiOS 5.0.5 or later.