VAR-201601-0674
Vulnerability from variot - Updated: 2022-05-17 02:09FortiGate (FortiGate firewall) is a network firewall product launched by Fortinet, which is used to defend against network and malicious code attacks at the network layer and content layer.
Fortigate firewall has SSH authentication backdoor vulnerability. Since the password of the FortiGate firewall Fortimanager_Access user is generated by a relatively simple algorithm, the attacker can directly obtain the highest authorized (root) authority for authentication after analyzing and cracking, and then control the firewall device. The subsequent attacker can use the firewall as a springboard to penetrate the internal area Network, perform operations such as information sniffing and data interception
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0674",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fortios",
"scope": "eq",
"trust": 0.8,
"vendor": "fortigate",
"version": "5.0.0-5.0.7"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.6,
"vendor": "fortigate",
"version": "4.3.0-4.3.16"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.2,
"vendor": "fortigate",
"version": "4.3.0-4.3.16*"
}
],
"sources": [
{
"db": "IVD",
"id": "47d1de3a-1e6d-11e6-8415-000c29c12f8f"
},
{
"db": "CNVD",
"id": "CNVD-2016-00170"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-00170",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "47d1de3a-1e6d-11e6-8415-000c29c12f8f",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2016-00170",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "47d1de3a-1e6d-11e6-8415-000c29c12f8f",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "47d1de3a-1e6d-11e6-8415-000c29c12f8f"
},
{
"db": "CNVD",
"id": "CNVD-2016-00170"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "FortiGate (FortiGate firewall) is a network firewall product launched by Fortinet, which is used to defend against network and malicious code attacks at the network layer and content layer. \r\n\r\n\r\nFortigate firewall has SSH authentication backdoor vulnerability. Since the password of the FortiGate firewall Fortimanager_Access user is generated by a relatively simple algorithm, the attacker can directly obtain the highest authorized (root) authority for authentication after analyzing and cracking, and then control the firewall device. The subsequent attacker can use the firewall as a springboard to penetrate the internal area Network, perform operations such as information sniffing and data interception",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00170"
},
{
"db": "IVD",
"id": "47d1de3a-1e6d-11e6-8415-000c29c12f8f"
}
],
"trust": 0.72
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-00170",
"trust": 0.8
},
{
"db": "IVD",
"id": "47D1DE3A-1E6D-11E6-8415-000C29C12F8F",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "47d1de3a-1e6d-11e6-8415-000c29c12f8f"
},
{
"db": "CNVD",
"id": "CNVD-2016-00170"
}
]
},
"id": "VAR-201601-0674",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "47d1de3a-1e6d-11e6-8415-000c29c12f8f"
},
{
"db": "CNVD",
"id": "CNVD-2016-00170"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "47d1de3a-1e6d-11e6-8415-000c29c12f8f"
},
{
"db": "CNVD",
"id": "CNVD-2016-00170"
}
]
},
"last_update_date": "2022-05-17T02:09:47.741000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Fortigate firewall has SSH authentication backdoor vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/69924"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00170"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://seclists.org/fulldisclosure/2016/jan/26"
},
{
"trust": 0.6,
"url": "http://www.fortiguard.com/advisory/fortios-ssh-undocumented-interactive-login-vulnerability"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00170"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "47d1de3a-1e6d-11e6-8415-000c29c12f8f"
},
{
"db": "CNVD",
"id": "CNVD-2016-00170"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-13T00:00:00",
"db": "IVD",
"id": "47d1de3a-1e6d-11e6-8415-000c29c12f8f"
},
{
"date": "2016-01-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00170"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00170"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fortigate firewall has SSH authentication backdoor vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00170"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "back door",
"sources": [
{
"db": "IVD",
"id": "47d1de3a-1e6d-11e6-8415-000c29c12f8f"
}
],
"trust": 0.2
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…