Back to search
CVE-2016-7542
Published: Mar 30, 2017
Modified: Oct 25, 2024
PUBLISHED
Description
A read-only administrator on Fortinet devices with FortiOS 5.2.x before 5.2.10 GA and 5.4.x before 5.4.2 GA may have access to read-write administrators password hashes (not including super-admins) stored on the appliance via the webui REST API, and may therefore be able to crack them.
| Vendor | Product | Versions |
|---|---|---|
Fortinet | FortiOS | affected 5.2.0 - 5.2.9, 5.4.1 |
References
94690
vdb-entry
x_refsource_BID
http://fortiguard.com/advisory/FG-IR-16-050
x_refsource_CONFIRM
1037394
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now