CVE-2020-15936

A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker to disclose sensitive information via SNI Client Hello TLS packets.
References
Link Resource
https://fortiguard.com/advisory/FG-IR-20-091 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*

History

12 Jul 2022, 17:42

Type Values Removed Values Added
CWE CWE-668 CWE-20

09 Mar 2022, 14:07

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : 4.0
v3 : 4.5
References (CONFIRM) https://fortiguard.com/advisory/FG-IR-20-091 - (CONFIRM) https://fortiguard.com/advisory/FG-IR-20-091 - Vendor Advisory
CWE CWE-668
CPE cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*

01 Mar 2022, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-03-01 19:15

Updated : 2024-02-04 22:29


NVD link : CVE-2020-15936

Mitre link : CVE-2020-15936

CVE.ORG link : CVE-2020-15936


JSON object : View

Products Affected

fortinet

  • fortios
CWE
CWE-20

Improper Input Validation