Details of VAR-201610-0365

ID

VAR-201610-0365

CVE

CVE-2016-7560

TITLE

Fortinet FortiWLC of rsyncd Vulnerability to read and write arbitrary files on the server

Trust: 0.8

sources: JVNDB: JVNDB-2016-005173

DESCRIPTION

The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 has a hardcoded rsync account, which allows remote attackers to read or write to arbitrary files via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-798: Use of Hard-coded Credentials ( Using hard-coded credentials ) Has been identified. http://cwe.mitre.org/data/definitions/798.htmlA third party may read or write arbitrary files. FortinetFortiWLC is a wireless controller from Fortinet. FortiWLC is prone to a security-bypass vulnerability. An attacker can exploit this issue to gain access to the system and obtain sensitive information that may lead to further attack. The following versions are affected: Fortinet FortiWLC 6.1-2-29 and prior, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, 8.2-4-0 Version

Trust: 2.61

sources: NVD: CVE-2016-7560 // JVNDB: JVNDB-2016-005173 // CNVD: CNVD-2016-08622 // BID: 93286 // VULHUB: VHN-96380 // VULMON: CVE-2016-7560

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-08622

AFFECTED PRODUCTS

vendor:	fortinet	model:	fortiwlc	scope:	eq	version:	8.2-4-0	Trust: 3.3
vendor:	fortinet	model:	fortiwlc	scope:	eq	version:	8.1-2-0	Trust: 3.3
vendor:	fortinet	model:	fortiwlc	scope:	eq	version:	8.0-5-0	Trust: 3.3
vendor:	fortinet	model:	fortiwlc	scope:	eq	version:	7.0-9-1	Trust: 3.3
vendor:	fortinet	model:	fortiwlc	scope:	eq	version:	7.0-10-0	Trust: 3.3
vendor:	fortinet	model:	fortiwlc	scope:	lte	version:	6.1-2-29	Trust: 1.8
vendor:	fortinet	model:	fortiwlc	scope:	eq	version:	6.1-2-29	Trust: 1.5

sources: CNVD: CNVD-2016-08622 // BID: 93286 // JVNDB: JVNDB-2016-005173 // CNNVD: CNNVD-201610-119 // NVD: CVE-2016-7560

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-7560
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2016-7560
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2016-08622
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201610-119
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-96380
value:	HIGH
Trust: 0.1
VULMON:	CVE-2016-7560
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-7560
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2016-08622
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-96380
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-7560
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-08622 // VULHUB: VHN-96380 // VULMON: CVE-2016-7560 // JVNDB: JVNDB-2016-005173 // CNNVD: CNNVD-201610-119 // NVD: CVE-2016-7560

PROBLEMTYPE DATA

problemtype:	CWE-798	Trust: 1.1
problemtype:	CWE-Other	Trust: 0.8

sources: VULHUB: VHN-96380 // JVNDB: JVNDB-2016-005173 // NVD: CVE-2016-7560

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201610-119

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201610-119

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005173

PATCH

title:	FortiWLC Undocumented Hardcoded Rsync Account	url:	http://fortiguard.com/advisory/FG-IR-16-029	Trust: 0.8
title:	FortinetFortiWLC security bypass vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/82169	Trust: 0.6
title:	Fortinet FortiWLC Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64544	Trust: 0.6

sources: CNVD: CNVD-2016-08622 // JVNDB: JVNDB-2016-005173 // CNNVD: CNNVD-201610-119

EXTERNAL IDS

db:	NVD	id:	CVE-2016-7560	Trust: 3.5
db:	BID	id:	93286	Trust: 2.1
db:	AUSCERT	id:	ESB-2016.2303	Trust: 1.2
db:	JVNDB	id:	JVNDB-2016-005173	Trust: 0.8
db:	CNNVD	id:	CNNVD-201610-119	Trust: 0.7
db:	CNVD	id:	CNVD-2016-08622	Trust: 0.6
db:	VULHUB	id:	VHN-96380	Trust: 0.1
db:	VULMON	id:	CVE-2016-7560	Trust: 0.1

sources: CNVD: CNVD-2016-08622 // VULHUB: VHN-96380 // VULMON: CVE-2016-7560 // BID: 93286 // JVNDB: JVNDB-2016-005173 // CNNVD: CNNVD-201610-119 // NVD: CVE-2016-7560

REFERENCES

url:	http://fortiguard.com/advisory/fg-ir-16-029	Trust: 2.1
url:	http://www.securityfocus.com/bid/93286	Trust: 1.3
url:	http://www.auscert.org.au/./render.html?it=39190	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7560	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7560	Trust: 0.8
url:	http://www.fortinet.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/798.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2016-08622 // VULHUB: VHN-96380 // VULMON: CVE-2016-7560 // BID: 93286 // JVNDB: JVNDB-2016-005173 // CNNVD: CNNVD-201610-119 // NVD: CVE-2016-7560

CREDITS

University of Toronto

Trust: 0.6

sources: CNNVD: CNNVD-201610-119

SOURCES

db:	CNVD	id:	CNVD-2016-08622
db:	VULHUB	id:	VHN-96380
db:	VULMON	id:	CVE-2016-7560
db:	BID	id:	93286
db:	JVNDB	id:	JVNDB-2016-005173
db:	CNNVD	id:	CNNVD-201610-119
db:	NVD	id:	CVE-2016-7560

LAST UPDATE DATE

2024-11-23T22:42:19.940000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-08622	date:	2016-10-11T00:00:00
db:	VULHUB	id:	VHN-96380	date:	2016-12-02T00:00:00
db:	VULMON	id:	CVE-2016-7560	date:	2016-12-02T00:00:00
db:	BID	id:	93286	date:	2016-10-10T00:02:00
db:	JVNDB	id:	JVNDB-2016-005173	date:	2016-10-13T00:00:00
db:	CNNVD	id:	CNNVD-201610-119	date:	2016-10-11T00:00:00
db:	NVD	id:	CVE-2016-7560	date:	2024-11-21T02:58:12.563

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-08622	date:	2016-10-11T00:00:00
db:	VULHUB	id:	VHN-96380	date:	2016-10-05T00:00:00
db:	VULMON	id:	CVE-2016-7560	date:	2016-10-05T00:00:00
db:	BID	id:	93286	date:	2016-09-30T00:00:00
db:	JVNDB	id:	JVNDB-2016-005173	date:	2016-10-13T00:00:00
db:	CNNVD	id:	CNNVD-201610-119	date:	2016-09-30T00:00:00
db:	NVD	id:	CVE-2016-7560	date:	2016-10-05T16:59:07.900