ID

VAR-201703-0262


CVE

CVE-2016-7541


TITLE

FortiOS Vulnerabilities related to security functions

Trust: 0.8

sources: JVNDB: JVNDB-2016-008201

DESCRIPTION

Long lived sessions in Fortinet FortiGate devices with FortiOS 5.x before 5.4.0 could violate a security policy during IPS signature updates when the FortiGate's IPSengine is configured in flow mode. All FortiGate versions with IPS configured in proxy mode (the default mode) are not affected. FortiOS Contains vulnerabilities related to security features.Information may be tampered with. FortiGate FortiOS is prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. Fortinet FortiOS is a set of security operating systems developed by Fortinet Corporation for the FortiGate network security platform. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSL VPN, Web content filtering and anti-spam. Fortinet has a security vulnerability in FortiOS versions 5.2.x prior to 5.2.10 GA and Long lived sessions in versions 5.4.x prior to 5.4.2 GA

Trust: 1.98

sources: NVD: CVE-2016-7541 // JVNDB: JVNDB-2016-008201 // BID: 94477 // VULHUB: VHN-96361

AFFECTED PRODUCTS

vendor:fortinetmodel:fortiosscope:eqversion:5.2.6

Trust: 1.9

vendor:fortinetmodel:fortiosscope:eqversion:5.2.5

Trust: 1.9

vendor:fortinetmodel:fortiosscope:eqversion:5.2.4

Trust: 1.9

vendor:fortinetmodel:fortiosscope:eqversion:5.2.3

Trust: 1.9

vendor:fortinetmodel:fortiosscope:eqversion:5.2.2

Trust: 1.9

vendor:fortinetmodel:fortiosscope:eqversion:5.2.7

Trust: 1.6

vendor:fortinetmodel:fortiosscope:eqversion:5.2.10

Trust: 1.6

vendor:fortinetmodel:fortiosscope:eqversion:5.0.14

Trust: 1.6

vendor:fortinetmodel:fortiosscope:eqversion:5.2.9

Trust: 1.6

vendor:fortinetmodel:fortiosscope:eqversion:5.2.8

Trust: 1.6

vendor:fortinetmodel:fortiosscope:eqversion:5.2.1

Trust: 1.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.13

Trust: 1.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.9

Trust: 1.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.8

Trust: 1.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.7

Trust: 1.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.3

Trust: 1.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.2

Trust: 1.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.1

Trust: 1.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.0

Trust: 1.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.6

Trust: 1.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.5

Trust: 1.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.4

Trust: 1.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.12

Trust: 1.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.11

Trust: 1.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.0

Trust: 1.1

vendor:fortinetmodel:fortiosscope:eqversion:5.0.10

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.0.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:ltversion:5.x

Trust: 0.8

vendor:fortinetmodel:fortiosscope:eqversion:5.4.1

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0

Trust: 0.3

vendor:fortinetmodel:fortiosscope:neversion:5.4.2

Trust: 0.3

sources: BID: 94477 // JVNDB: JVNDB-2016-008201 // CNNVD: CNNVD-201611-600 // NVD: CVE-2016-7541

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-7541
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-7541
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201611-600
value: MEDIUM

Trust: 0.6

VULHUB: VHN-96361
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-7541
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-96361
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-7541
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-96361 // JVNDB: JVNDB-2016-008201 // CNNVD: CNNVD-201611-600 // NVD: CVE-2016-7541

PROBLEMTYPE DATA

problemtype:CWE-254

Trust: 1.9

sources: VULHUB: VHN-96361 // JVNDB: JVNDB-2016-008201 // NVD: CVE-2016-7541

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201611-600

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201611-600

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-008201

PATCH

title:FortiOS flow-mode detection bypass under certain conditionsurl:https://www.fortiguard.com/psirt/FG-IR-16-088

Trust: 0.8

title:Fortinet FortiOS Repair measures for security bypass vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66041

Trust: 0.6

sources: JVNDB: JVNDB-2016-008201 // CNNVD: CNNVD-201611-600

EXTERNAL IDS

db:NVDid:CVE-2016-7541

Trust: 2.8

db:BIDid:94477

Trust: 2.0

db:JVNDBid:JVNDB-2016-008201

Trust: 0.8

db:CNNVDid:CNNVD-201611-600

Trust: 0.7

db:VULHUBid:VHN-96361

Trust: 0.1

sources: VULHUB: VHN-96361 // BID: 94477 // JVNDB: JVNDB-2016-008201 // CNNVD: CNNVD-201611-600 // NVD: CVE-2016-7541

REFERENCES

url:http://www.securityfocus.com/bid/94477

Trust: 1.7

url:http://fortiguard.com/advisory/fg-ir-16-088

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7541

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2016-7541

Trust: 0.8

url:http://www.fortinet.com/products/fortigate_overview.html

Trust: 0.3

url:http://fortiguard.com/advisory/fortios-flow-mode-detection-bypass-under-certain-conditions

Trust: 0.3

sources: VULHUB: VHN-96361 // BID: 94477 // JVNDB: JVNDB-2016-008201 // CNNVD: CNNVD-201611-600 // NVD: CVE-2016-7541

CREDITS

Yves Bieri, Stefan Frei, Christof Jungo of the Swisscom

Trust: 0.9

sources: BID: 94477 // CNNVD: CNNVD-201611-600

SOURCES

db:VULHUBid:VHN-96361
db:BIDid:94477
db:JVNDBid:JVNDB-2016-008201
db:CNNVDid:CNNVD-201611-600
db:NVDid:CVE-2016-7541

LAST UPDATE DATE

2024-08-14T15:08:26.037000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-96361date:2017-04-04T00:00:00
db:BIDid:94477date:2016-11-24T01:15:00
db:JVNDBid:JVNDB-2016-008201date:2017-04-28T00:00:00
db:CNNVDid:CNNVD-201611-600date:2017-03-31T00:00:00
db:NVDid:CVE-2016-7541date:2017-04-04T18:38:46.273

SOURCES RELEASE DATE

db:VULHUBid:VHN-96361date:2017-03-30T00:00:00
db:BIDid:94477date:2016-11-22T00:00:00
db:JVNDBid:JVNDB-2016-008201date:2017-04-28T00:00:00
db:CNNVDid:CNNVD-201611-600date:2016-11-22T00:00:00
db:NVDid:CVE-2016-7541date:2017-03-30T14:59:00.150