Lucene search

FortinetCVE-2018-9190

HistoryFeb 08, 2019 - 7:29 p.m.

CVE-2018-9190

2019-02-0819:29:00

CWE-476

fortinet

web.nvd.nist.gov

cve-2018-9190

fortinet

forticlientwindows

vulnerability

ndis miniport driver

denial of service

nvd

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

12.6%

JSON

A null pointer dereference vulnerability in Fortinet FortiClientWindows 6.0.2 and earlier allows attacker to cause a denial of service via the NDIS miniport driver.

Affected configurations

Nvd

Node

fortinetforticlientRange≤6.0.2windows

VendorProductVersionCPE
fortinetforticlient*cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*

Vendor	Product	Version	CPE
fortinet	forticlient	*	cpe:2.3:a:fortinet:forticlient::::::windows::*

CNA Affected

[
  {
    "product": "Fortinet FortiClientWindows",
    "vendor": "Fortinet, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "FortiClientWindows 6.0.2 and earlier"
      }
    ]
  }
]

References

fortiguard.com/advisory/FG-IR-18-092

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

12.6%

JSON

Related for CVE-2018-9190