Lucene search

MitreCVE-2015-3293

HistoryApr 14, 2015 - 6:59 p.m.

CVE-2015-3293

2015-04-1418:59:07

CWE-200

mitre

web.nvd.nist.gov

fortimail

cve-2015-3293

remote administrators

credentials

security vulnerability

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

29.8%

JSON

FortiMail 5.0.3 through 5.2.3 allows remote administrators to obtain credentials via the “diag debug application httpd” command.

Affected configurations

Nvd

Node

fortinetfortimailMatch5.0.3

fortinetfortimailMatch5.0.4

fortinetfortimailMatch5.0.5

fortinetfortimailMatch5.0.6

fortinetfortimailMatch5.0.7

fortinetfortimailMatch5.1

fortinetfortimailMatch5.1.1

fortinetfortimailMatch5.1.2

fortinetfortimailMatch5.1.3

fortinetfortimailMatch5.1.4

fortinetfortimailMatch5.2

fortinetfortimailMatch5.2.1

fortinetfortimailMatch5.2.2

fortinetfortimailMatch5.2.3

VendorProductVersionCPE
fortinetfortimail5.0.3cpe:2.3:a:fortinet:fortimail:5.0.3:*:*:*:*:*:*:*
fortinetfortimail5.0.4cpe:2.3:a:fortinet:fortimail:5.0.4:*:*:*:*:*:*:*
fortinetfortimail5.0.5cpe:2.3:a:fortinet:fortimail:5.0.5:*:*:*:*:*:*:*
fortinetfortimail5.0.6cpe:2.3:a:fortinet:fortimail:5.0.6:*:*:*:*:*:*:*
fortinetfortimail5.0.7cpe:2.3:a:fortinet:fortimail:5.0.7:*:*:*:*:*:*:*
fortinetfortimail5.1cpe:2.3:a:fortinet:fortimail:5.1:*:*:*:*:*:*:*
fortinetfortimail5.1.1cpe:2.3:a:fortinet:fortimail:5.1.1:*:*:*:*:*:*:*
fortinetfortimail5.1.2cpe:2.3:a:fortinet:fortimail:5.1.2:*:*:*:*:*:*:*
fortinetfortimail5.1.3cpe:2.3:a:fortinet:fortimail:5.1.3:*:*:*:*:*:*:*
fortinetfortimail5.1.4cpe:2.3:a:fortinet:fortimail:5.1.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
fortinet	fortimail	5.0.3	cpe:2.3:a:fortinet:fortimail:5.0.3:::::::*
fortinet	fortimail	5.0.4	cpe:2.3:a:fortinet:fortimail:5.0.4:::::::*
fortinet	fortimail	5.0.5	cpe:2.3:a:fortinet:fortimail:5.0.5:::::::*
fortinet	fortimail	5.0.6	cpe:2.3:a:fortinet:fortimail:5.0.6:::::::*
fortinet	fortimail	5.0.7	cpe:2.3:a:fortinet:fortimail:5.0.7:::::::*
fortinet	fortimail	5.1	cpe:2.3:a:fortinet:fortimail:5.1:::::::*
fortinet	fortimail	5.1.1	cpe:2.3:a:fortinet:fortimail:5.1.1:::::::*
fortinet	fortimail	5.1.2	cpe:2.3:a:fortinet:fortimail:5.1.2:::::::*
fortinet	fortimail	5.1.3	cpe:2.3:a:fortinet:fortimail:5.1.3:::::::*
fortinet	fortimail	5.1.4	cpe:2.3:a:fortinet:fortimail:5.1.4:::::::*

Rows per page:

1-10 of 141

References

www.fortiguard.com/advisory/FG-IR-15-009/

www.securitytracker.com/id/1032185

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

29.8%

JSON

Related for CVE-2015-3293