Sign-up

ID

VAR-201703-0263


CVE

CVE-2016-7542


TITLE

FortiOS Vulnerable to information disclosure

Trust: 0.8

sources: JVNDB: JVNDB-2016-008202

DESCRIPTION

A read-only administrator on Fortinet devices with FortiOS 5.2.x before 5.2.10 GA and 5.4.x before 5.4.2 GA may have access to read-write administrators password hashes (not including super-admins) stored on the appliance via the webui REST API, and may therefore be able to crack them. FortiOS Contains an information disclosure vulnerability.Information may be obtained. Fortinet FortiOS is prone to an local information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Fortinet FortiOS 5.2.0 through 5.2.9 and 5.4.1 are vulnerable. Fortinet FortiOS is a set of security operating systems developed by Fortinet Corporation for the FortiGate network security platform. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSL VPN, Web content filtering and anti-spam. A security vulnerability exists in Fortinet in FortiOS 5.2.x prior to 5.2.10 GA and 5.4.x prior to 5.4.2 GA. An attacker could exploit this vulnerability to gain permission to write and read hashes of administrator passwords, and possibly decipher passwords

Trust: 1.98

sources: NVD: CVE-2016-7542 // JVNDB: JVNDB-2016-008202 // BID: 94690 // VULHUB: VHN-96362

AFFECTED PRODUCTS

vendor:fortinetmodel:fortiosscope:eqversion:5.4.1

Trust: 1.9

vendor:fortinetmodel:fortiosscope:eqversion:5.2.6

Trust: 1.9

vendor:fortinetmodel:fortiosscope:eqversion:5.2.5

Trust: 1.9

vendor:fortinetmodel:fortiosscope:eqversion:5.2.4

Trust: 1.9

vendor:fortinetmodel:fortiosscope:eqversion:5.2.3

Trust: 1.9

vendor:fortinetmodel:fortiosscope:eqversion:5.2.2

Trust: 1.9

vendor:fortinetmodel:fortiosscope:eqversion:5.2.1

Trust: 1.9

vendor:fortinetmodel:fortiosscope:eqversion:5.2.0

Trust: 1.9

vendor:fortinetmodel:fortiosscope:eqversion:5.2.7

Trust: 1.6

vendor:fortinetmodel:fortiosscope:eqversion:5.4.0

Trust: 1.6

vendor:fortinetmodel:fortiosscope:eqversion:5.2.9

Trust: 1.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.8

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.4.2 ga

Trust: 0.8

vendor:fortinetmodel:fortiosscope:ltversion:5.4.x

Trust: 0.8

vendor:fortinetmodel:fortiosscope:eqversion:5.2.10 ga

Trust: 0.8

vendor:fortinetmodel:fortiosscope:ltversion:5.2.x

Trust: 0.8

vendor:fortinetmodel:fortiosscope:neversion:5.4.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:neversion:5.2.10

Trust: 0.3

sources: BID: 94690 // JVNDB: JVNDB-2016-008202 // CNNVD: CNNVD-201612-096 // NVD: CVE-2016-7542

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-7542
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-7542
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201612-096
value: MEDIUM

Trust: 0.6

VULHUB: VHN-96362
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-7542
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-96362
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-7542
baseSeverity: MEDIUM
baseScore: 4.9
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.2
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-96362 // JVNDB: JVNDB-2016-008202 // CNNVD: CNNVD-201612-096 // NVD: CVE-2016-7542

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-96362 // JVNDB: JVNDB-2016-008202 // NVD: CVE-2016-7542

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201612-096

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201612-096

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-008202

PATCH
title:FortiOS Local Admin Password Hash Leak Vulnerabilityurl:https://www.fortiguard.com/psirt/FG-IR-16-050
Trust: 0.8
title:Fortinet FortiOS Repair measures for information disclosure vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66146
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2016-008202 // 
            
            
            
            CNNVD: CNNVD-201612-096

EXTERNAL IDS
db:NVDid:CVE-2016-7542
Trust: 2.8
db:BIDid:94690
Trust: 2.0
db:SECTRACKid:1037394
Trust: 1.1
db:JVNDBid:JVNDB-2016-008202
Trust: 0.8
db:CNNVDid:CNNVD-201612-096
Trust: 0.7
db:VULHUBid:VHN-96362
Trust: 0.1
sources:
            
            
            VULHUB: VHN-96362 // 
            
            
            
            BID: 94690 // 
            
            
            
            JVNDB: JVNDB-2016-008202 // 
            
            
            
            CNNVD: CNNVD-201612-096 // 
            
            
            
            NVD: CVE-2016-7542

REFERENCES
url:http://fortiguard.com/advisory/fg-ir-16-050
Trust: 2.0
url:http://www.securityfocus.com/bid/94690
Trust: 1.7
url:http://www.securitytracker.com/id/1037394
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7542
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2016-7542
Trust: 0.8
url:http://www.fortinet.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-96362 // 
            
            
            
            BID: 94690 // 
            
            
            
            JVNDB: JVNDB-2016-008202 // 
            
            
            
            CNNVD: CNNVD-201612-096 // 
            
            
            
            NVD: CVE-2016-7542

CREDITS
Bryan Schmidt.
Trust: 0.9
sources:
            
            
            BID: 94690 // 
            
            
            
            CNNVD: CNNVD-201612-096

SOURCES
db:VULHUBid:VHN-96362
db:BIDid:94690
db:JVNDBid:JVNDB-2016-008202
db:CNNVDid:CNNVD-201612-096
db:NVDid:CVE-2016-7542

LAST UPDATE DATE
2024-08-14T14:13:34.225000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-96362date:2017-07-28T00:00:00
db:BIDid:94690date:2016-12-20T01:08:00
db:JVNDBid:JVNDB-2016-008202date:2017-04-28T00:00:00
db:CNNVDid:CNNVD-201612-096date:2017-03-31T00:00:00
db:NVDid:CVE-2016-7542date:2017-07-28T01:29:06.500

SOURCES RELEASE DATE
db:VULHUBid:VHN-96362date:2017-03-30T00:00:00
db:BIDid:94690date:2016-12-02T00:00:00
db:JVNDBid:JVNDB-2016-008202date:2017-04-28T00:00:00
db:CNNVDid:CNNVD-201612-096date:2016-12-08T00:00:00
db:NVDid:CVE-2016-7542date:2017-03-30T14:59:00.197