Описание
In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH defect.
Ссылки
- MitigationVendor Advisory
- MitigationVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:fortinet:fortibalancer_400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortibalancer_400:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:fortinet:fortibalancer_1000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortibalancer_1000:-:*:*:*:*:*:*:*
Конфигурация 3
Одновременно
cpe:2.3:o:fortinet:fortibalancer_2000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortibalancer_2000:-:*:*:*:*:*:*:*
Конфигурация 4
Одновременно
cpe:2.3:o:fortinet:fortibalancer_3000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fortibalancer_3000:-:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.01117
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-276
Связанные уязвимости
github
больше 3 лет назад
In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH defect.
EPSS
Процентиль: 78%
0.01117
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-276