Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistFortinetCVELIST:CVE-2020-12812
HistoryJul 24, 2020 - 10:28 p.m.

CVE-2020-12812

2020-07-2422:28:43
fortinet
www.cve.org
3

9.7 High

AI Score

Confidence

High

0.029 Low

EPSS

Percentile

90.9%

JSON

An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username.

CNA Affected

[
  {
    "product": "Fortinet FortiOS",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below"
      }
    ]
  }
]

Related

nessus 1
cve 1
nvd 1
fortinet 1
cisa_kev 1
prion 1
attackerkb 3
cisa 1
thn 5
ics 5
threatpost 3
rapid7blog 1
qualysblog 1
nessus
nessus
Fortinet FortiOS < 6.0.10 / 6.2.x < 6.2.4 / 6.4.x < 6.4.1 Improper Authentication (FG-IR-19-283)
2020-10-02 00:00:00
cve
cve
CVE-2020-12812
2020-07-24 23:15:12
nvd
nvd
CVE-2020-12812
2020-07-24 23:15:12
fortinet
fortinet
Protect
2020-07-13 00:00:00
cisa_kev
cisa_kev
Fortinet FortiOS SSL VPN Improper Authentication Vulnerability
2021-11-03 00:00:00
prion
prion
Authentication flaw
2020-07-24 23:15:00
attackerkb
attackerkb
CVE-2020-12812
2020-07-24 00:00:00
CVE-2018-13379 Path Traversal in Fortinet FortiOS
2019-06-04 00:00:00
CVE-2019-5591
2020-08-14 00:00:00
cisa
cisa
FBI-CISA Joint Advisory on Exploitation of Fortinet FortiOS Vulnerabilities
2021-04-02 00:00:00
thn
thn
Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide
2023-12-19 05:42:00
U.S., U.K. and Australia Warn of Iranian Hackers Exploiting Microsoft, Fortinet Flaws
2021-11-17 15:44:00
Unpatched Remote Hacking Flaw Disclosed in Fortinet's FortiWeb WAF
2021-08-18 03:41:00
ics
ics
#StopRansomware: Play Ransomware
2023-12-18 12:00:00
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
2021-11-19 12:00:00
#StopRansomware: Hive Ransomware
2022-11-25 12:00:00
threatpost
threatpost
FBI: APTs Actively Exploiting Fortinet VPN Bugs
2021-04-02 19:56:57
Unpatched Fortinet Bug Allows Firewall Takeovers
2021-08-18 12:07:33
Exchange, Fortinet Flaws Being Exploited by Iranian APT, CISA Warns
2021-11-17 17:04:01
rapid7blog
rapid7blog
Attackers Targeting Fortinet Devices and SAP Applications
2021-04-08 17:18:07
qualysblog
qualysblog
CISA Alert: Top Routinely Exploited Vulnerabilities
2021-07-29 00:20:27

9.7 High

AI Score

Confidence

High

0.029 Low

EPSS

Percentile

90.9%

JSON
Related for CVELIST:CVE-2020-12812
nessus1cve1nvd1fortinet1cisa_kev1prion1attackerkb3cisa1thn5ics5threatpost3rapid7blog1qualysblog1