Lucene search

[email protected]CVE-2015-3611

HistoryFeb 04, 2020 - 8:15 p.m.

CVE-2015-3611

2020-02-0420:15:11

CWE-78

[email protected]

web.nvd.nist.gov

cve-2015-3611

command injection

fortimanager

nvd

security vulnerability

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

68.8%

JSON

A Command Injection vulnerability exists in FortiManager 5.2.1 and earlier and FortiManager 5.0.10 and earlier via unspecified vectors, which could let a malicious user run systems commands when executing a report.

Affected configurations

NVD

Node

fortinetfortimanagerRange5.0.0–5.0.10

fortinetfortimanagerRange5.2.0–5.2.1

CPENameOperatorVersion
fortinet:fortimanagerfortinet fortimanagerle5.0.10
fortinet:fortimanagerfortinet fortimanagerle5.2.1

CPE	Name	Operator	Version
fortinet:fortimanager	fortinet fortimanager	le	5.0.10
fortinet:fortimanager	fortinet fortimanager	le	5.2.1

References

www.securityfocus.com/bid/74444

www.securitytracker.com/id/1032188

fortiguard.com/psirt/FG-IR-15-011

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

68.8%

JSON

Related for CVE-2015-3611

fortinet1 nvd1 prion1 cvelist1 nessus1