Lucene search
FortinetCVELIST:CVE-2019-15703HistoryOct 24, 2019 - 1:53 p.m.
CVE-2019-15703
2019-10-2413:53:17
fortinet
www.cve.org
0.002 Low
EPSS
Percentile
54.1%
An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2.1, 6.2.0, 6.0.8 and below for device not enable hardware TRNG token and models not support builtin TRNG seed allows attacker to theoretically recover the long term ECDSA secret in a TLS client with a RSA handshake and mutual ECDSA authentication via the help of flush+reload side channel attacks in FortiGate VM models only.
CNA Affected
[
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "6.2.0"
},
{
"status": "affected",
"version": "6.0.8 and below"
}
]
}
]References
Related
symantec
symantec
Fortinet FortiOS CVE-2019-15703 Insufficient Entropy Vulnerability
2019-10-18 00:00:00
cve
cve
CVE-2019-15703
2019-10-24 14:15:11
nessus
nessus
FortiOS DRBG unsufficient entropy (FG-IR-19-186)
2019-10-25 00:00:00
fortinet
fortinet
Protect
2020-02-13 00:00:00
prion
prion
Design/Logic Flaw
2019-10-24 14:15:00
nvd
nvd
CVE-2019-15703
2019-10-24 14:15:11