Lucene search
MitreCVE-2015-7361HistoryOct 15, 2015 - 8:59 p.m.
CVE-2015-7361
2015-10-1520:59:01
CWE-287
mitre
web.nvd.nist.gov
20
fortios
security
unauthenticated access
cve-2015-7361
high availability
zebos shell
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.3
Confidence
Low
EPSS
0.007
Percentile
80.6%
FortiOS 5.2.3, when configured to use High Availability (HA) and the dedicated management interface is enabled, does not require authentication for access to the ZebOS shell on the HA dedicated management interface, which allows remote attackers to obtain shell access via unspecified vectors.
Affected configurations
Node
fortinetfortiosMatch5.2.3
Related
fortinet
fortinet
ZebOS routing remote shell service enabled
2015-07-24 00:00:00
prion
prion
Authentication flaw
2015-10-15 20:59:00
cvelist
cvelist
CVE-2015-7361
2015-10-15 20:00:00
nvd
nvd
CVE-2015-7361
2015-10-15 20:59:01
openvas
openvas
Fortinet FortiGate ZebOS routing remote shell service enabled (FG-IR-15-020)
2017-01-02 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.3
Confidence
Low
EPSS
0.007
Percentile
80.6%
Related for CVE-2015-7361