A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker to disclose sensitive information via SNI Client Hello TLS packets.
References
Link | Resource |
---|---|
https://fortiguard.com/advisory/FG-IR-20-091 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
12 Jul 2022, 17:42
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-20 |
09 Mar 2022, 14:07
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 4.5 |
References | (CONFIRM) https://fortiguard.com/advisory/FG-IR-20-091 - Vendor Advisory | |
CWE | CWE-668 | |
CPE | cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* |
01 Mar 2022, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-01 19:15
Updated : 2024-02-04 22:29
NVD link : CVE-2020-15936
Mitre link : CVE-2020-15936
CVE.ORG link : CVE-2020-15936
JSON object : View
Products Affected
fortinet
- fortios
CWE
CWE-20
Improper Input Validation