ID

VAR-201904-0538


CVE

CVE-2017-17544


TITLE

Fortinet FortiOS Vulnerabilities related to authorization, permissions, and access control

Trust: 0.8

sources: JVNDB: JVNDB-2017-014421

DESCRIPTION

A privilege escalation vulnerability in Fortinet FortiOS 6.0.0 to 6.0.6, 5.6.0 to 5.6.10, 5.4 and below allows admin users to elevate their profile to super_admin via restoring modified configurations. Fortinet FortiOS contains vulnerabilities related to authorization, permissions, and access control. Information may be obtained or altered, and service operation may be disrupted (DoS). Fortinet FortiOS is a security operating system from Fortinet dedicated to the FortiGate network security platform. The system provides users with multiple security features such as firewall, anti-virus, IPSec/SSL VPN, web content filtering and anti-spam. A permissions and access control vulnerability exists in versions prior to Fortinet FortiOS 6.2.0. The vulnerability stems from the lack of effective permissions and access control measures for network systems or products. Fortinet FortiOS is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges and perform unauthorized actions. Versions prior to Fortinet FortiOS 6.2.0 are vulnerable.

Trust: 2.52

sources: NVD: CVE-2017-17544 // JVNDB: JVNDB-2017-014421 // CNVD: CNVD-2019-13556 // BID: 107839 // VULHUB: VHN-108577

IOT TAXONOMY

category: ['Network device']
sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-13556

AFFECTED PRODUCTS

vendor:fortinetmodel:fortiosscope:lteversion:5.6.10

Trust: 1.0

vendor:fortinetmodel:fortiosscope:lteversion:5.4.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:gteversion:5.6.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:gteversion:6.0.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:lteversion:6.0.6

Trust: 1.0

vendor:fortinetmodel:fortiosscope:ltversion:6.2.0

Trust: 0.8

vendor:fortinetmodel:fortiosscope:ltversion:6.2.06.2.0

Trust: 0.6

vendor:fortinetmodel:fortiosscope:eqversion:6.0.3

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:6.0.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:6.0.1

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:6.0

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.8

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.7

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.6

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.5

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.4

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.3

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.10

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.9

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.8

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.7

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.6

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.5

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.4

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.3

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.1

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.12

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.11

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.8

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.6

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.5

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.4

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.3

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.1

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.13

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.9

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.8

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.7

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.3

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.1

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.3.19

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.3.17

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.3.15

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.1

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.0

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.9

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.10

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.6

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.5

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.4

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.12

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.11

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.0.0

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.3.18

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:4.3.16

Trust: 0.3

vendor:fortinetmodel:fortiosscope:neversion:6.2

Trust: 0.3

sources: CNVD: CNVD-2019-13556 // BID: 107839 // JVNDB: JVNDB-2017-014421 // NVD: CVE-2017-17544

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-17544
value: HIGH

Trust: 1.0

NVD: CVE-2017-17544
value: HIGH

Trust: 0.8

CNVD: CNVD-2019-13556
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201712-455
value: HIGH

Trust: 0.6

VULHUB: VHN-108577
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-17544
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-13556
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-108577
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-17544
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2017-17544
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2019-13556 // VULHUB: VHN-108577 // JVNDB: JVNDB-2017-014421 // CNNVD: CNNVD-201712-455 // NVD: CVE-2017-17544

PROBLEMTYPE DATA

problemtype:CWE-269

Trust: 1.1

problemtype:CWE-264

Trust: 0.9

problemtype:CWE-281

Trust: 0.1

sources: VULHUB: VHN-108577 // JVNDB: JVNDB-2017-014421 // NVD: CVE-2017-17544

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201712-455

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201712-455

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-014421

PATCH

title: FG-IR-17-053
url: https://fortiguard.com/psirt/FG-IR-17-053

Trust: 0.8

title: Patch for Fortinet FortiOS Permissions and Access Control Issue Vulnerability
url: https://www.cnvd.org.cn/patchInfo/show/160663

Trust: 0.6

title: Fortinet FortiOS Buffer error vulnerability fix
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91037

Trust: 0.6

sources: CNVD: CNVD-2019-13556 // JVNDB: JVNDB-2017-014421 // CNNVD: CNNVD-201712-455

EXTERNAL IDS

db:NVDid:CVE-2017-17544

Trust: 3.4

db:BIDid:107839

Trust: 2.6

db:JVNDBid:JVNDB-2017-014421

Trust: 0.8

db:CNNVDid:CNNVD-201712-455

Trust: 0.7

db:CNVDid:CNVD-2019-13556

Trust: 0.6

db:AUSCERTid:ESB-2019.1114.2

Trust: 0.6

db:AUSCERTid:ESB-2019.1114.4

Trust: 0.6

db:VULHUBid:VHN-108577

Trust: 0.1

sources: CNVD: CNVD-2019-13556 // VULHUB: VHN-108577 // BID: 107839 // JVNDB: JVNDB-2017-014421 // CNNVD: CNNVD-201712-455 // NVD: CVE-2017-17544

REFERENCES

url:http://www.securityfocus.com/bid/107839

Trust: 2.9

url:https://fortiguard.com/advisory/fg-ir-17-053

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2017-17544

Trust: 1.4

url:http://www.fortinet.com/

Trust: 0.9

url:https://fortiguard.com/psirt/fg-ir-17-053

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17544

Trust: 0.8

url:https://fortiguard.com/psirt/fg-ir-18-388

Trust: 0.6

url:https://vigilance.fr/vulnerability/fortios-privilege-escalation-via-restoring-modified-configurations-28932

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.1114.2/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/78322

Trust: 0.6

sources: CNVD: CNVD-2019-13556 // VULHUB: VHN-108577 // BID: 107839 // JVNDB: JVNDB-2017-014421 // CNNVD: CNNVD-201712-455 // NVD: CVE-2017-17544

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 107839

SOURCES

db:CNVDid:CNVD-2019-13556
db:VULHUBid:VHN-108577
db:BIDid:107839
db:JVNDBid:JVNDB-2017-014421
db:CNNVDid:CNNVD-201712-455
db:NVDid:CVE-2017-17544

LAST UPDATE DATE

2024-08-14T14:56:56.157000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2019-13556date:2019-05-10T00:00:00
db:VULHUBid:VHN-108577date:2020-08-28T00:00:00
db:BIDid:107839date:2019-04-02T00:00:00
db:JVNDBid:JVNDB-2017-014421date:2019-05-13T00:00:00
db:CNNVDid:CNNVD-201712-455date:2020-04-07T00:00:00
db:NVDid:CVE-2017-17544date:2020-08-28T15:14:11.500

SOURCES RELEASE DATE

db:CNVDid:CNVD-2019-13556date:2019-05-10T00:00:00
db:VULHUBid:VHN-108577date:2019-04-09T00:00:00
db:BIDid:107839date:2019-04-02T00:00:00
db:JVNDBid:JVNDB-2017-014421date:2019-05-13T00:00:00
db:CNNVDid:CNNVD-201712-455date:2017-12-12T00:00:00
db:NVDid:CVE-2017-17544date:2019-04-09T16:29:00.367