Fortinet FortiOS 5.2.x < 5.2.10 / 5.4.1 < 5.4.2 Local Password Hash Disclosure (FG-IR-16-050)

Low Nessus Plugin ID 97066


The remote host is affected by a local information disclosure vulnerability.


The remote FortiGate device is running a version of FortiOS that is 5.2.x prior to 5.2.10, or else it is running version 5.4.1. It is, therefore, affected by a local information disclosure vulnerability due to a failure to properly protect password hashes stored on the device. A local attacker can exploit this to obtain password hashes of other users on the device, allowing the attacker to possibly obtain user passwords, including the passwords of super-admin users.


Upgrade to Fortinet FortiOS 5.2.10 / 5.4.2 or later.

See Also

Plugin Details

Severity: Low

ID: 97066

File Name: fortios_FG-IR-16-050.nasl

Version: $Revision: 1.2 $

Type: local

Family: Firewalls

Published: 2017/02/08

Modified: 2017/02/10

Dependencies: 73522

Risk Information

Risk Factor: Low


Base Score: 2.1

Temporal Score: 1.7

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND


Base Score: 2.3

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Vulnerability Information

CPE: cpe:/o:fortinet:fortios

Required KB Items: Host/Fortigate/model, Host/Fortigate/version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/12/02

Vulnerability Publication Date: 2016/12/02

Reference Information

CVE: CVE-2016-7542

BID: 94690

OSVDB: 148229