Lucene search
FortinetCVELIST:CVE-2020-15936HistoryMar 01, 2022 - 6:25 p.m.
CVE-2020-15936
2022-03-0118:25:27
fortinet
www.cve.org
3
fortigate
input validation
sensitive information disclosure
sni
tls packets
CVSS3
2.6
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:N
AI Score
4.5
Confidence
High
EPSS
0
Percentile
12.6%
A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker to disclose sensitive information via SNI Client Hello TLS packets.
CNA Affected
[
{
"product": "Fortinet FortiOS",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "FortiOS 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0, 5.6.13, 5.6.12, 5.6.11, 5.6.10, 5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.1, 5.6.0"
}
]
}
]References
Related
cve
cve
CVE-2020-15936
2022-03-01 19:15:08
nvd
nvd
CVE-2020-15936
2022-03-01 19:15:08
fortinet
fortinet
Protect
2022-03-01 00:00:00
prion
prion
Input validation
2022-03-01 19:15:00
CVSS3
2.6
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:N
AI Score
4.5
Confidence
High
EPSS
0
Percentile
12.6%
Related for CVELIST:CVE-2020-15936