Lucene search

[email protected]CVE-2005-1837

HistoryJun 02, 2005 - 4:00 a.m.

CVE-2005-1837

2005-06-0204:00:00

[email protected]

web.nvd.nist.gov

fortinet

firewall

vulnerability

hardcoded username

hardcoded password

privilege escalation

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

31.2%

JSON

Fortinet firewall running FortiOS 2.x contains a hardcoded username with the password set to the serial number, which allows local users with console access to gain privileges.

Affected configurations

NVD

Node

fortinetfortinet_firewall

CPENameOperatorVersion
fortinet:fortinet_firewallfortinet fortinet firewalleq*

CPE	Name	Operator	Version
fortinet:fortinet_firewall	fortinet fortinet firewall	eq	*

References

marc.info/?l=bugtraq&m=111773657526375&w=2

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

31.2%

JSON

Related for CVE-2005-1837

nvd1 cvelist1