ID

VAR-201908-0098


CVE

CVE-2019-5592


TITLE

FortiOS IPS engine vulnerable to information disclosure

Trust: 0.8

sources: JVNDB: JVNDB-2019-008576

DESCRIPTION

Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below, when configured with SSL Deep Inspection policies and with the IPS sensor enabled, may allow an attacker to decipher TLS connections going through the FortiGate by monitoring the traffic from a man-in-the-middle position. FortiOS IPS engine contains an information disclosure vulnerability. Information may be obtained. FortiOS IPS engine is prone to an information-disclosure vulnerability. An attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. This vulnerability stems from configuration errors in network systems or products during operation.

Trust: 1.98

sources: NVD: CVE-2019-5592 // JVNDB: JVNDB-2019-008576 // BID: 109337 // VULHUB: VHN-157027

AFFECTED PRODUCTS

vendor: fortinet, model: fortios ips engine, scope: gte, version: 4.00200

Trust: 1.0

vendor: fortinet, model: fortios ips engine, scope: lte, version: 4.00036

Trust: 1.0

vendor: fortinet, model: fortios ips engine, scope: lte, version: 5.00006

Trust: 1.0

vendor: fortinet, model: fortios ips engine, scope: gte, version: 4.00000

Trust: 1.0

vendor: fortinet, model: fortios ips engine, scope: lte, version: 3.00547

Trust: 1.0

vendor: fortinet, model: fortios ips engine, scope: lte, version: 4.00219

Trust: 1.0

vendor: fortinet, model: fortios ips engine, scope: gte, version: 5.00000

Trust: 1.0

vendor: fortinet, model: fortios ips engine, scope: lte, version: 3.547

Trust: 0.8

vendor: fortinet, model: fortios ips engine, scope: eq, version: 4.000 to 4.036

Trust: 0.8

vendor: fortinet, model: fortios ips engine, scope: eq, version: 4.200 to 4.219

Trust: 0.8

vendor: fortinet, model: fortios ips engine, scope: eq, version: 5.000 to 5.006

Trust: 0.8

vendor: fortinet, model: ips engine, scope: eq, version: 5.00200

Trust: 0.3

vendor: fortinet, model: ips engine, scope: eq, version: 5.00006

Trust: 0.3

vendor: fortinet, model: ips engine, scope: eq, version: 5.00000

Trust: 0.3

vendor: fortinet, model: ips engine, scope: eq, version: 4.00219

Trust: 0.3

vendor: fortinet, model: ips engine, scope: eq, version: 4.00036

Trust: 0.3

vendor: fortinet, model: ips engine, scope: eq, version: 4.00000

Trust: 0.3

vendor: fortinet, model: ips engine, scope: eq, version: 3.00547

Trust: 0.3

sources: BID: 109337 // JVNDB: JVNDB-2019-008576 // NVD: CVE-2019-5592

CVSS

SEVERITY

nvd@nist.gov: CVE-2019-5592
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-5592
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201907-1256
value: MEDIUM

Trust: 0.6

VULHUB: VHN-157027
value: MEDIUM

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2019-5592
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-157027
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

CVSSV3

nvd@nist.gov: CVE-2019-5592
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-5592
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-157027 // JVNDB: JVNDB-2019-008576 // CNNVD: CNNVD-201907-1256 // NVD: CVE-2019-5592

PROBLEMTYPE DATA

problemtype: CWE-347

Trust: 1.1

problemtype: CWE-200

Trust: 0.9

sources: VULHUB: VHN-157027 // JVNDB: JVNDB-2019-008576 // NVD: CVE-2019-5592

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201907-1256

TYPE

data forgery

Trust: 0.6

sources: CNNVD: CNNVD-201907-1256

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-008576

PATCH

title: FG-IR-19-145, url: https://fortiguard.com/advisory/FG-IR-19-145

Trust: 0.8

title: Fortinet FortiOS IPS engine Repair measures for information disclosure vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=95423

Trust: 0.6

sources: JVNDB: JVNDB-2019-008576 // CNNVD: CNNVD-201907-1256

EXTERNAL IDS

db: NVD, id: CVE-2019-5592

Trust: 2.8

db: BID, id: 109337

Trust: 1.0

db: JVNDB, id: JVNDB-2019-008576

Trust: 0.8

db: CNNVD, id: CNNVD-201907-1256

Trust: 0.7

db: AUSCERT, id: ESB-2019.2765

Trust: 0.6

db: AUSCERT, id: ESB-2019.2765.2

Trust: 0.6

db: VULHUB, id: VHN-157027

Trust: 0.1

sources: VULHUB: VHN-157027 // BID: 109337 // JVNDB: JVNDB-2019-008576 // CNNVD: CNNVD-201907-1256 // NVD: CVE-2019-5592

REFERENCES

url: https://fortiguard.com/advisory/fg-ir-19-145

Trust: 1.7

url: https://nvd.nist.gov/vuln/detail/cve-2019-5592

Trust: 1.4

url: http://www.fortinet.com/

Trust: 0.9

url: https://fortiguard.com/psirt/fg-ir-19-145

Trust: 0.9

url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5592

Trust: 0.8

url: https://vigilance.fr/vulnerability/fortios-on-ips-engine-information-disclosure-via-ssl-deep-inspection-padding-oracle-29861

Trust: 0.6

url: https://www.securityfocus.com/bid/109337

Trust: 0.6

url: https://www.auscert.org.au/bulletins/esb-2019.2765/

Trust: 0.6

url: https://www.auscert.org.au/bulletins/esb-2019.2765.2/

Trust: 0.6

sources: VULHUB: VHN-157027 // BID: 109337 // JVNDB: JVNDB-2019-008576 // CNNVD: CNNVD-201907-1256 // NVD: CVE-2019-5592

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 109337

SOURCES

db: VULHUB, id: VHN-157027
db: BID, id: 109337
db: JVNDB, id: JVNDB-2019-008576
db: CNNVD, id: CNNVD-201907-1256
db: NVD, id: CVE-2019-5592

LAST UPDATE DATE

2024-08-14T14:26:13.676000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-157027, date: 2020-08-24T00:00:00
db: BID, id: 109337, date: 2019-07-23T00:00:00
db: JVNDB, id: JVNDB-2019-008576, date: 2019-09-03T00:00:00
db: CNNVD, id: CNNVD-201907-1256, date: 2020-10-28T00:00:00
db: NVD, id: CVE-2019-5592, date: 2020-08-24T17:37:01.140

SOURCES RELEASE DATE

db: VULHUB, id: VHN-157027, date: 2019-08-23T00:00:00
db: BID, id: 109337, date: 2019-07-23T00:00:00
db: JVNDB, id: JVNDB-2019-008576, date: 2019-09-03T00:00:00
db: CNNVD, id: CNNVD-201907-1256, date: 2019-07-23T00:00:00
db: NVD, id: CVE-2019-5592, date: 2019-08-23T20:15:10.347