PT-2016-1104 · Fortinet · Fortianalyzer+3

Operator8203

·

Published

2016-01-15

·

Updated

2026-04-22

·

CVE-2016-1909

CVSS v2.0

10

Critical

Vector AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
FortiAnalyzer versions 5.0.0 through 5.0.11
FortiAnalyzer versions 5.2.x prior to 5.2.5
FortiSwitch versions 3.3.x prior to 3.3.3
FortiCache versions 3.0.x prior to 3.0.8
FortiOS versions 4.1.x prior to 4.1.11
FortiOS versions 4.2.x prior to 4.2.16
FortiOS versions 4.3.x prior to 4.3.17
FortiOS versions 5.0.x prior to 5.0.8
Description The affected firmware contains an undocumented administrative account, Fortimanager_Access, whose SSH authentication secret is hardcoded in the firmware image rather than stored in the device configuration. A remote attacker who can reach the SSH administrative interface and knows that secret can authenticate as this account and obtains full administrative access to the device (configuration, credentials and any data the appliance holds), without needing any credential set by the operator. Because the secret is not an administrator-configurable password, the operator cannot change it, rotate it or delete the account; it is removed only by upgrading the firmware.
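A login through this account still has to arrive as an SSH administrative login, so the practical hunt until the firmware is upgraded is the device's admin-login event stream. The following is an added example written for this page, not Fortinet code or a published tool: it parses FortiOS-style key=value event records and raises an alert on any login event (successful or failed) for the Fortimanager_Access account, and separately on any successful SSH admin login from a source outside a trusted-hosts allowlist. It assumes the device records the login as an ordinary admin-login event; the sample log lines, the field names (modelled on the FortiOS admin-login event format) and the allowlist are constructed for the example and should be adjusted to what your firmware actually emits.

```python
import re
from typing import Dict, List, Set

# Constructed sample events in the FortiOS key=value event-log style.
# Field names follow the admin-login event format; these lines were not
# captured from a real device. Lines 2 and 3 involve the hardcoded account.
SAMPLE_LOG = """\
date=2016-01-15 time=10:02:11 type=event subtype=system level=information vd="root" logdesc="Admin login successful" user="admin" ui="ssh(10.10.5.20)" method="ssh" srcip=10.10.5.20 action="login" status="success" msg="Administrator admin logged in successfully from ssh(10.10.5.20)"
date=2016-01-15 time=10:05:43 type=event subtype=system level=information vd="root" logdesc="Admin login successful" user="Fortimanager_Access" ui="ssh(203.0.113.77)" method="ssh" srcip=203.0.113.77 action="login" status="success" msg="Administrator Fortimanager_Access logged in successfully from ssh(203.0.113.77)"
date=2016-01-15 time=10:06:01 type=event subtype=system level=alert vd="root" logdesc="Admin login failed" user="Fortimanager_Access" ui="ssh(198.51.100.9)" method="ssh" srcip=198.51.100.9 action="login" status="failed" reason="passwd_invalid" msg="Administrator Fortimanager_Access login failed from ssh(198.51.100.9)"
date=2016-01-15 time=10:09:30 type=event subtype=system level=information vd="root" logdesc="Admin login successful" user="admin" ui="https(10.10.5.20)" method="https" srcip=10.10.5.20 action="login" status="success" msg="Administrator admin logged in successfully from https(10.10.5.20)"
"""

# Hypothetical allowlist of management hosts that are expected to open SSH
# admin sessions. Any successful SSH admin login from elsewhere is reported.
TRUSTED_SSH_SOURCES: Set[str] = {"10.10.5.20"}

# The undocumented account named in the advisory.
HARDCODED_ACCOUNT = "Fortimanager_Access"

# key=value pairs; a value is either a double-quoted string (may contain
# spaces and escaped quotes) or a run of non-whitespace characters.
_KV_RE = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')


def parse_kv(line: str) -> Dict[str, str]:
    """Parse one key=value event line into a dict, stripping value quotes."""
    fields: Dict[str, str] = {}
    for key, raw in _KV_RE.findall(line):
        if len(raw) >= 2 and raw[0] == '"' and raw[-1] == '"':
            raw = raw[1:-1]
        fields[key] = raw
    return fields


def detect(log_text: str, trusted: Set[str] = TRUSTED_SSH_SOURCES) -> List[Dict[str, object]]:
    """Return one alert per rule hit, in log order.

    Rules:
      hardcoded_account_login          any login event for the hardcoded
                                       account; a failed attempt is still
                                       evidence that someone is probing for it
      ssh_admin_login_untrusted_source successful SSH admin login from a
                                       source outside the allowlist, which is
                                       the exposure the workaround removes
    """
    alerts: List[Dict[str, object]] = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        ev = parse_kv(line)
        if ev.get("action") != "login":
            continue
        user = ev.get("user", "")
        src = ev.get("srcip", "")
        status = ev.get("status", "")
        if user == HARDCODED_ACCOUNT:
            alerts.append({"line": lineno, "rule": "hardcoded_account_login",
                           "user": user, "srcip": src, "status": status})
        if ev.get("method") == "ssh" and status == "success" and src not in trusted:
            alerts.append({"line": lineno, "rule": "ssh_admin_login_untrusted_source",
                           "user": user, "srcip": src, "status": status})
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

Run against the constructed sample, line 2 trips both rules (the hardcoded account logging in over SSH from an address outside the allowlist), line 3 trips only the account rule because the attempt failed, and the two `admin` logins from the trusted host produce nothing. Widening the allowlist silences the second rule but never the first: a login by this account is never legitimate operator activity.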
Recommendations Upgrade to a firmware release in which the account has been removed:
FortiAnalyzer versions 5.0.0 through 5.0.11: update to version 5.0.12 or later.
FortiAnalyzer versions 5.2.x prior to 5.2.5: update to version 5.2.5 or later.
FortiSwitch versions 3.3.x prior to 3.3.3: update to version 3.3.3 or later.
FortiCache versions 3.0.x prior to 3.0.8: update to version 3.0.8 or later.
FortiOS versions 4.1.x prior to 4.1.11: update to version 4.1.11 or later.
FortiOS versions 4.2.x prior to 4.2.16: update to version 4.2.16 or later.
FortiOS versions 4.3.x prior to 4.3.17: update to version 4.3.17 or later.
FortiOS versions 5.0.x prior to 5.0.8: update to version 5.0.8 or later.
There is no configuration change that alters or removes the credential: it is fixed in the firmware image, not held in the administrator configuration, so it cannot be rotated like an ordinary admin password and the account cannot be deleted. Until the device is upgraded, remove the exposure instead: disable administrative SSH access on all interfaces (manage the device through the web GUI and its console applet, or the serial console), or, where SSH is unavoidable, restrict SSH to the device to a minimal set of trusted management addresses by filtering at the interface level (for example with local-in policies). Per-administrator trusted-host settings cannot be relied on here, because the vulnerable account is not one the operator configures. Internet-facing management interfaces with SSH enabled should be treated as exposed until patched.
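To turn the version ranges above into an inventory check, here is an added example written for this page (not a Fortinet tool): it encodes exactly the branches and first-fixed versions this advisory states and classifies a product/version pair as affected, fixed, or not listed. It accepts both a bare `5.0.7` and the CLI-style `v5.0.7,build0291` form that `get system status` prints; the inventory rows in the usage block are constructed. A branch the advisory does not mention (FortiOS 5.2.x, for instance) is reported as not listed, which is deliberately not the same as safe.

```python
import re
from typing import Dict, List, Optional, Sequence, Tuple

Version = Tuple[int, int, int]

# Affected branches as stated in the advisory: for each product, pairs of
# (branch major.minor, first fixed version). A version inside a listed
# branch and strictly lower than the first fixed version is affected.
AFFECTED_BRANCHES: Dict[str, List[Tuple[Tuple[int, int], Version]]] = {
    "fortianalyzer": [((5, 0), (5, 0, 12)), ((5, 2), (5, 2, 5))],
    "fortiswitch":   [((3, 3), (3, 3, 3))],
    "forticache":    [((3, 0), (3, 0, 8))],
    "fortios":       [((4, 1), (4, 1, 11)), ((4, 2), (4, 2, 16)),
                      ((4, 3), (4, 3, 17)), ((5, 0), (5, 0, 8))],
}

_VERSION_RE = re.compile(r"v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Version:
    """Extract major.minor.patch from a version string.

    Handles '5.0.7' and CLI output such as 'v5.0.7,build0291'. The build
    number is ignored: the advisory expresses its ranges by version only.
    """
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no major.minor.patch version found in {text!r}")
    major, minor, patch = (int(g) for g in m.groups())
    return (major, minor, patch)


def check(product: str, version_text: str) -> Dict[str, Optional[str]]:
    """Classify one product/version pair against this advisory.

    status is one of:
      'affected'   in a listed branch and below its first fixed version
      'fixed'      in a listed branch at or above its first fixed version
      'not_listed' the advisory makes no statement about this branch
    'fix' carries the first fixed version when status is 'affected'.
    """
    key = product.lower().replace(" ", "")
    if key not in AFFECTED_BRANCHES:
        raise ValueError(f"product {product!r} is not covered by this advisory")
    version = parse_version(version_text)
    result: Dict[str, Optional[str]] = {
        "product": product,
        "version": "%d.%d.%d" % version,
        "status": "not_listed",
        "fix": None,
    }
    for branch, first_fixed in AFFECTED_BRANCHES[key]:
        if version[:2] == branch:
            if version < first_fixed:          # tuple comparison: (5,0,7) < (5,0,8)
                result["status"] = "affected"
                result["fix"] = "%d.%d.%d" % first_fixed
            else:
                result["status"] = "fixed"
            break
    return result


def check_inventory(rows: Sequence[Tuple[str, str]]) -> List[Dict[str, Optional[str]]]:
    """Run check() over (product, version string) rows, e.g. from an export."""
    return [check(product, version) for product, version in rows]


if __name__ == "__main__":
    # Constructed inventory rows for demonstration.
    inventory = [
        ("FortiOS", "v5.0.7,build0291"),
        ("FortiOS", "v4.3.17,build0000"),
        ("FortiAnalyzer", "5.0.11"),
        ("FortiSwitch", "3.3.3"),
        ("FortiOS", "5.2.3"),
    ]
    for row in check_inventory(inventory):
        print(row)
```

Because the classification is a plain tuple comparison against the page's own numbers, extending it to later advisories is a matter of adding branch entries, and the `not_listed` outcome keeps a device on an unmentioned branch visible rather than silently passing it.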

Exploit

Fix

Weakness Enumeration

Related Identifiers

BDU:2016-00186
CVE-2016-1909

Affected Products

Fortianalyzer
Forticache
Fortios
Fortiswitch