CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
47.8%
Long lived sessions in Fortinet FortiGate devices with FortiOS 5.x before 5.4.0 could violate a security policy during IPS signature updates when the FortiGate’s IPSengine is configured in flow mode. All FortiGate versions with IPS configured in proxy mode (the default mode) are not affected.
Vendor | Product | Version | CPE |
---|---|---|---|
fortinet | fortios | 5.0.0 | cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:* |
fortinet | fortios | 5.0.1 | cpe:2.3:o:fortinet:fortios:5.0.1:*:*:*:*:*:*:* |
fortinet | fortios | 5.0.2 | cpe:2.3:o:fortinet:fortios:5.0.2:*:*:*:*:*:*:* |
fortinet | fortios | 5.0.3 | cpe:2.3:o:fortinet:fortios:5.0.3:*:*:*:*:*:*:* |
fortinet | fortios | 5.0.4 | cpe:2.3:o:fortinet:fortios:5.0.4:*:*:*:*:*:*:* |
fortinet | fortios | 5.0.5 | cpe:2.3:o:fortinet:fortios:5.0.5:*:*:*:*:*:*:* |
fortinet | fortios | 5.0.6 | cpe:2.3:o:fortinet:fortios:5.0.6:*:*:*:*:*:*:* |
fortinet | fortios | 5.0.7 | cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:* |
fortinet | fortios | 5.0.8 | cpe:2.3:o:fortinet:fortios:5.0.8:*:*:*:*:*:*:* |
fortinet | fortios | 5.0.9 | cpe:2.3:o:fortinet:fortios:5.0.9:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
47.8%