ID

VAR-201409-0388


CVE

CVE-2014-0351


TITLE

FortiNet FortiGate and FortiWiFi appliances contain multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#730964

DESCRIPTION

The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.x before 5.0.8 on FortiGate devices does not prevent use of anonymous ciphersuites, which makes it easier for man-in-the-middle attackers to obtain sensitive information or interfere with communications by modifying the client-server data stream. Fortinet FortiGate and FortiWiFi appliances are susceptible to man-in-the-middle attacks (CWE-300) and a heap-based overflow vulnerability (CWE-122). In addition, JVNVU#96848844 Then CWE-300 and CWE-122 Published as. CWE-300: Channel Accessible by Non-Endpoint ('Man-in-the-Middle') http://cwe.mitre.org/data/definitions/300.html CWE-122: Heap-based Buffer Overflow http://cwe.mitre.org/data/definitions/122.htmlMan-in-the-middle attack (man-in-the-middle attack) By changing the data stream between client and server, important information may be obtained or communication may be interrupted. Fortinet FortiOS is prone to an information-disclosure vulnerability. An attacker can exploit this issue to perform man-in-the-middle attacks and disclose sensitive information. Successful exploits will lead to other attacks. Fortinet FortiOS is a set of security operating systems developed by Fortinet Corporation for the FortiGate network security platform. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSL VPN, Web content filtering and anti-spam. There is a security vulnerability in the Fortinet FortiOS 4.3.15 and earlier versions and FortiManager protocol service of FortiManager 5.x versions earlier than 5.0.8 on FortiGate devices. The vulnerability stems from the fact that the program does not verify the use of anonymous cipher suites

Trust: 2.7

sources: NVD: CVE-2014-0351 // CERT/CC: VU#730964 // JVNDB: JVNDB-2014-004144 // BID: 69754 // VULHUB: VHN-67844

AFFECTED PRODUCTS

vendor:fortinetmodel:fortiosscope:eqversion:5.0.3

Trust: 1.6

vendor:fortinetmodel:fortiosscope:eqversion:5.0.4

Trust: 1.6

vendor:fortinetmodel:fortiosscope:eqversion:4.3.12

Trust: 1.6

vendor:fortinetmodel:fortiosscope:eqversion:4.3.10

Trust: 1.6

vendor:fortinetmodel:fortiosscope:eqversion:5.0.6

Trust: 1.6

vendor:fortinetmodel:fortiosscope:eqversion:5.0.5

Trust: 1.6

vendor:fortinetmodel:fortiosscope:eqversion:5.0.7

Trust: 1.6

vendor:fortinetmodel:fortiosscope:eqversion:4.3.13

Trust: 1.6

vendor:fortinetmodel:fortiosscope:eqversion:5.0.0

Trust: 1.6

vendor:fortinetmodel:fortiosscope:eqversion:4.3.14

Trust: 1.0

vendor:fortinetmodel:fortiosscope:lteversion:4.3.15

Trust: 1.0

vendor:fortinetmodel: - scope: - version: -

Trust: 0.8

vendor:fortinetmodel:fortiosscope:eqversion:5.0.8

Trust: 0.8

vendor:fortinetmodel:fortiosscope:ltversion:5.x

Trust: 0.8

vendor:fortinetmodel:fortiosscope:eqversion:4.3.15

Trust: 0.6

sources: CERT/CC: VU#730964 // JVNDB: JVNDB-2014-004144 // CNNVD: CNNVD-201409-466 // NVD: CVE-2014-0351

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-0351
value: MEDIUM

Trust: 1.0

NVD: CVE-2014-0351
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201409-466
value: MEDIUM

Trust: 0.6

VULHUB: VHN-67844
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2014-0351
severity: MEDIUM
baseScore: 5.4
vectorString: AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 5.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-67844
severity: MEDIUM
baseScore: 5.4
vectorString: AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 5.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-67844 // JVNDB: JVNDB-2014-004144 // CNNVD: CNNVD-201409-466 // NVD: CVE-2014-0351

PROBLEMTYPE DATA

problemtype:CWE-310

Trust: 1.9

problemtype:CWE-300

Trust: 0.8

problemtype:CWE-122

Trust: 0.8

problemtype:CWE-Other

Trust: 0.8

sources: CERT/CC: VU#730964 // VULHUB: VHN-67844 // JVNDB: JVNDB-2014-004144 // NVD: CVE-2014-0351

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201409-466

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201409-466

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-004144

PATCH

title:FortiGate Vulnerabilities in FortiManager Serviceurl:http://www.fortiguard.com/advisory/FG-IR-14-006/

Trust: 0.8

sources: JVNDB: JVNDB-2014-004144

EXTERNAL IDS

db:NVDid:CVE-2014-0351

Trust: 2.8

db:CERT/CCid:VU#730964

Trust: 2.2

db:BIDid:69754

Trust: 1.4

db:JVNid:JVNVU96848844

Trust: 0.8

db:JVNDBid:JVNDB-2014-004144

Trust: 0.8

db:CNNVDid:CNNVD-201409-466

Trust: 0.6

db:VULHUBid:VHN-67844

Trust: 0.1

sources: CERT/CC: VU#730964 // VULHUB: VHN-67844 // BID: 69754 // JVNDB: JVNDB-2014-004144 // CNNVD: CNNVD-201409-466 // NVD: CVE-2014-0351

REFERENCES

url:http://www.fortiguard.com/advisory/fg-ir-14-006/

Trust: 2.8

url:http://www.kb.cert.org/vuls/id/730964

Trust: 1.4

url:http://www.securityfocus.com/bid/69754

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/96119

Trust: 1.1

url:https://cwe.mitre.org/data/definitions/122.html

Trust: 0.8

url:https://cwe.mitre.org/data/definitions/300.html

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0351

Trust: 0.8

url:http://jvn.jp/vu/jvnvu96848844/

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0351

Trust: 0.8

url:https://www.fortinet.com/products/fortigate/fortios.html

Trust: 0.3

sources: CERT/CC: VU#730964 // VULHUB: VHN-67844 // BID: 69754 // JVNDB: JVNDB-2014-004144 // CNNVD: CNNVD-201409-466 // NVD: CVE-2014-0351

CREDITS

Gregor Kopf (Recurity Labs)

Trust: 0.3

sources: BID: 69754

SOURCES

db:CERT/CCid:VU#730964
db:VULHUBid:VHN-67844
db:BIDid:69754
db:JVNDBid:JVNDB-2014-004144
db:CNNVDid:CNNVD-201409-466
db:NVDid:CVE-2014-0351

LAST UPDATE DATE

2024-08-14T14:34:06.556000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#730964date:2014-09-19T00:00:00
db:VULHUBid:VHN-67844date:2017-08-29T00:00:00
db:BIDid:69754date:2014-09-22T18:18:00
db:JVNDBid:JVNDB-2014-004144date:2014-09-26T00:00:00
db:CNNVDid:CNNVD-201409-466date:2014-09-15T00:00:00
db:NVDid:CVE-2014-0351date:2017-08-29T01:34:08.623

SOURCES RELEASE DATE

db:CERT/CCid:VU#730964date:2014-09-19T00:00:00
db:VULHUBid:VHN-67844date:2014-09-10T00:00:00
db:BIDid:69754date:2014-09-08T00:00:00
db:JVNDBid:JVNDB-2014-004144date:2014-09-12T00:00:00
db:CNNVDid:CNNVD-201409-466date:2014-09-15T00:00:00
db:NVDid:CVE-2014-0351date:2014-09-10T18:55:02.643