6 matches found
Fortinet Fortigate Hardcoded symmetric key in fips.c (FG-IR-19-007)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the FG-IR-19-007 advisory. - Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an...
CVE-2019-6693
creationtimestamp| type| source ---|---|--- 2023-07-06 11:08:24+00:00| published-proof-of-concept| https://t.me/dilagrafie/3103 2023-07-15 04:02:00+00:00| published-proof-of-concept| Telegram/FQgTqgAsC1BzgFQ3QhqXo3ZwrqpxzvjIHl33wB4sG5coLAQ 2023-08-16 06:30:09+00:00| published-proof-of-concept|...
Exploit for Use of Hard-coded Credentials in Fortinet Fortianalyzer
Decrypt FortiManager configuration secrets CVE-2020-9289 CV...
Fortinet FortiOS < 5.6.10 / 6.0 < 6.0.7 / 6.2.x < 6.2.1 Vulnerable Encryption (FG-IR-19-007)
The remote host is running a version of FortiOS that has not yet enabled private-data-encryption. A authorized remote user with access or knowledge of the standard encryption key could gain access and decrypt the FortiOS backup files and all non-administor passwords and private keys.' CVE-2019-66...
CVE-2019-6693
Fortinet FortiOS contains a vulnerability CVE-2019-6693: use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup files. An attacker with access to the backup file could decrypt sensitive data, including users’ passwords (excluding admin), private keys’ passp...
CVE-2019-6693
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users’ passwords except the...