PT-2020-7837 · Fortinet · Fortimanager

Published

2020-02-04

Updated

2020-02-05

CVE-2015-3611

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: FortiManager versions 5.2.1 and earlier FortiManager versions 5.0.10 and earlier

Description: A Command Injection issue exists via unspecified vectors, which could let a malicious user run system commands when executing a report.

Recommendations: For FortiManager versions 5.2.1 and earlier, update to a version later than 5.2.1 to resolve the issue. For FortiManager versions 5.0.10 and earlier, update to a version later than 5.0.10 to resolve the issue.

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2015-3611

Affected Products

Fortimanager

PT-2020-7837 · Fortinet · Fortimanager

CVE-2015-3611

Weakness Enumeration

Related Identifiers

Affected Products

References · 4