Back to search
CVE-2019-5593
Published: Jan 23, 2020
Modified: Oct 25, 2024
PUBLISHED
Description
Improper permission or value checking in the CLI console may allow a non-privileged user to obtain Fortinet FortiOS plaint text private keys of system's builtin local certificates via unsetting the keys encryption password in FortiOS 6.2.0, 6.0.0 to 6.0.6, 5.6.10 and below or for user uploaded local certificates via setting an empty password in FortiOS 6.2.1, 6.2.0, 6.0.6 and below.
| Vendor | Product | Versions |
|---|---|---|
n/a | Fortinet FortiOS | affected FortiOS 6.2.0 to 6.2.1, 6.0.6 and below |
References
https://fortiguard.com/psirt/FG-IR-19-134
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now