← Retour aux CVEs
CVE-2019-5591
MEDIUMCISA KEV6.5
Description
A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server.
Details CVE
Score CVSS v3.16.5
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vecteur d'attaqueADJACENT_NETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie8/14/2020
Derniere modification10/24/2025
Sourcekev
Observations honeypot0
CISA KEV
FournisseurFortinet
ProduitFortiOS
Nom vulnerabiliteFortinet FortiOS Default Configuration Vulnerability
Date ajout KEV2021-11-03
Date limite remediation2022-05-03
Utilise dans ransomwareUnknown
Produits affectes
fortinet:fortios
Faiblesses (CWE)
CWE-306CWE-306
References
https://www.fortiguard.com/psirt/FG-IR-19-037(psirt@fortinet.com)
https://www.fortiguard.com/psirt/FG-IR-19-037(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-5591(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.