PT-2018-2064 · Fortinet · Expedition Migration Tool

Paragonsec

Publicado

2018-11-20

Atualizado

2020-02-17

CVE-2018-10142

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Expedition Migration Tool versions 1.0.106 and earlier

Description The issue is related to weaknesses in the authentication procedure of the Expedition Migration Tool. This can allow a remote attacker to gain access to protected information. An unauthenticated attacker may be able to enumerate files on the operating system.

Recommendations For versions 1.0.106 and earlier, update to a version that addresses the authentication weaknesses to prevent unauthorized access and file enumeration. As a temporary workaround, consider restricting access to the Expedition Migration Tool to minimize the risk of exploitation.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

BDU:2019-00014

CVE-2018-10142

Produtos afetados

Expedition Migration Tool

PT-2018-2064 · Fortinet · Expedition Migration Tool

CVE-2018-10142

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6