Details of VAR-202007-0079

ID

VAR-202007-0079

CVE

CVE-2020-12812

TITLE

FortiOS Vulnerability in improper handling of uppercase and lowercase letters in

Trust: 0.8

sources: JVNDB: JVNDB-2020-008709

DESCRIPTION

An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username. FortiOS contains a vulnerability related to improper handling of case sensitivity and an authentication vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. An SSL VPN is a component of a virtual private network (VPN) that uses the Secure Sockets Layer protocol (SSL). Fortinet FortiOS 6.4.0, 6.2.0 to 6.2.3, and 6.0.9 and earlier versions of SSL VPN have a security vulnerability, the vulnerability is caused by the program not properly authenticated

Trust: 1.8

sources: NVD: CVE-2020-12812 // JVNDB: JVNDB-2020-008709 // VULHUB: VHN-165528 // VULMON: CVE-2020-12812

AFFECTED PRODUCTS

vendor:	fortinet	model:	fortios	scope:	gte	version:	6.2.0	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lt	version:	6.0.10	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lt	version:	6.2.4	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	eq	version:	6.4.0	Trust: 1.0
vendor:	フォーティネット	model:	fortios	scope:	eq	version:	-	Trust: 0.8
vendor:	フォーティネット	model:	fortios	scope:	eq	version:	6.4.0	Trust: 0.8
vendor:	フォーティネット	model:	fortios	scope:	eq	version:	6.2.0 to 6.2.3	Trust: 0.8
vendor:	フォーティネット	model:	fortios	scope:	lte	version:	6.0.9 and earlier	Trust: 0.8

sources: JVNDB: JVNDB-2020-008709 // NVD: CVE-2020-12812

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-12812
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2020-12812
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-202007-1029
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-165528
value:	HIGH
Trust: 0.1
VULMON:	CVE-2020-12812
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2020-12812
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-165528
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-12812
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2020-12812
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-165528 // VULMON: CVE-2020-12812 // JVNDB: JVNDB-2020-008709 // CNNVD: CNNVD-202007-1029 // NVD: CVE-2020-12812

PROBLEMTYPE DATA

problemtype:	CWE-178	Trust: 1.1
problemtype:	CWE-287	Trust: 1.1
problemtype:	Inappropriate authentication (CWE-287) [NVD evaluation ]	Trust: 0.8
problemtype:	Improper case sensitivity (CWE-178) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-165528 // JVNDB: JVNDB-2020-008709 // NVD: CVE-2020-12812

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202007-1029

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202007-1029

PATCH

title:	FG-IR-19-283	url:	https://fortiguard.com/psirt/FG-IR-19-283	Trust: 0.8
title:	Fortinet FortiOS SSL VPN Remediation measures for authorization problem vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=125172	Trust: 0.6
title:	AttackerKB	url:	https://github.com/irinarenteria/attackerkb-clj	Trust: 0.1
title:	Security Matters 2022 Resource List Table of Contents	url:	https://github.com/triw0lf/Security-Matters-22	Trust: 0.1
title:	主流供应商的一些攻击性漏洞汇总	url:	https://github.com/r0eXpeR/supplier	Trust: 0.1
title:	PoC in GitHub	url:	https://github.com/soosmile/POC	Trust: 0.1
title:	Known Exploited Vulnerabilities Detector	url:	https://github.com/Ostorlab/KEV	Trust: 0.1
title:	The Register	url:	https://www.theregister.co.uk/2021/04/06/in_brief_security/	Trust: 0.1
title:	-	url:	https://www.theregister.co.uk/2022/11/18/hive_ransomware_fbi/	Trust: 0.1

sources: VULMON: CVE-2020-12812 // JVNDB: JVNDB-2020-008709 // CNNVD: CNNVD-202007-1029

EXTERNAL IDS

db:	NVD	id:	CVE-2020-12812	Trust: 3.4
db:	JVNDB	id:	JVNDB-2020-008709	Trust: 0.8
db:	CNNVD	id:	CNNVD-202007-1029	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.2407	Trust: 0.6
db:	CNVD	id:	CNVD-2020-50545	Trust: 0.1
db:	VULHUB	id:	VHN-165528	Trust: 0.1
db:	VULMON	id:	CVE-2020-12812	Trust: 0.1

sources: VULHUB: VHN-165528 // VULMON: CVE-2020-12812 // JVNDB: JVNDB-2020-008709 // CNNVD: CNNVD-202007-1029 // NVD: CVE-2020-12812

REFERENCES

url:	https://fortiguard.com/psirt/fg-ir-19-283	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12812	Trust: 1.4
url:	https://www.auscert.org.au/bulletins/esb-2020.2407/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/fortios-privilege-escalation-via-ssl-vpn-2fa-username-case-32837	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/287.html	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/178.html	Trust: 0.1
url:	https://github.com/irinarenteria/attackerkb-clj	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-165528 // VULMON: CVE-2020-12812 // JVNDB: JVNDB-2020-008709 // CNNVD: CNNVD-202007-1029 // NVD: CVE-2020-12812

SOURCES

db:	VULHUB	id:	VHN-165528
db:	VULMON	id:	CVE-2020-12812
db:	JVNDB	id:	JVNDB-2020-008709
db:	CNNVD	id:	CNNVD-202007-1029
db:	NVD	id:	CVE-2020-12812

LAST UPDATE DATE

2024-08-14T15:17:33.539000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-165528	date:	2022-07-12T00:00:00
db:	VULMON	id:	CVE-2020-12812	date:	2024-02-13T00:00:00
db:	JVNDB	id:	JVNDB-2020-008709	date:	2024-03-01T02:56:00
db:	CNNVD	id:	CNNVD-202007-1029	date:	2022-07-14T00:00:00
db:	NVD	id:	CVE-2020-12812	date:	2024-02-13T17:25:58.537

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-165528	date:	2020-07-24T00:00:00
db:	VULMON	id:	CVE-2020-12812	date:	2020-07-24T00:00:00
db:	JVNDB	id:	JVNDB-2020-008709	date:	2020-09-18T00:00:00
db:	CNNVD	id:	CNNVD-202007-1029	date:	2020-07-15T00:00:00
db:	NVD	id:	CVE-2020-12812	date:	2020-07-24T23:15:12.003