Information disclosure - CVE-2016-4966
Published: September 8, 2016 / Updated: September 8, 2016
Detailed vulnerability description
The vulnerability allows an authenticated but low-privileged user to gain access to the targeted system.
The vulnerability exists in the tcpdump function of the diagnosis_control.php page. A non-administrative authenticated attacker can capture packets on the FortiWan device, download the resulting PCAP files, and alter the HTTP parameter from “UserName” to “Administrator”.
Successful exploitation of this vulnerability results in gaining access to the vulnerable system.
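The flaw described above is a broken access control: a privileged diagnostic function (packet capture and PCAP download) whose authorization decision can be influenced by a client-supplied identity parameter. The following is an added illustration, not Fortinet's or FortiWan's code, that models that pattern beside a hardened handler and a simple detection check. The handler names, the `Request` model, the `USERS` table and the `capture_pcap` stand-in are constructed for the example, and it assumes the altered “UserName” parameter carried the privileged identity value; the advisory does not show the real endpoint's code.

```python
"""Constructed example (not Fortinet/FortiWan code): a diagnostic endpoint whose
authorization trusts a client-supplied "UserName" parameter, next to a hardened
handler that authorizes from the server-side session only, plus a detection aid."""
from dataclasses import dataclass, field

# Constructed account table; the role is always looked up server-side.
USERS = {"Administrator": "admin", "bob": "operator"}


class Forbidden(Exception):
    """Raised when the caller may not use the diagnostic function."""


@dataclass
class Request:
    session_user: str                           # identity bound at login, server-side
    params: dict = field(default_factory=dict)  # HTTP parameters, attacker-controlled


def capture_pcap(iface: str) -> str:
    """Stand-in for the real tcpdump call; returns the name of the PCAP produced."""
    return f"{iface}.pcap"


def vulnerable_handler(req: Request) -> str:
    # Flaw: the acting identity is read back from the request, so any authenticated
    # user can set UserName=Administrator and satisfy the role check.
    actor = req.params.get("UserName", req.session_user)
    if USERS.get(actor) != "admin":
        raise Forbidden("packet capture is restricted to administrators")
    return capture_pcap(req.params.get("iface", "eth0"))


def hardened_handler(req: Request) -> str:
    # Fix: authorization uses only the session identity and its server-side role;
    # the UserName parameter plays no part in the decision.
    if USERS.get(req.session_user) != "admin":
        raise Forbidden("packet capture is restricted to administrators")
    return capture_pcap(req.params.get("iface", "eth0"))


def flag_identity_mismatch(req: Request) -> bool:
    # Detection aid: a request whose UserName parameter disagrees with the session
    # identity is worth logging and alerting on, whichever handler is deployed.
    claimed = req.params.get("UserName")
    return claimed is not None and claimed != req.session_user


if __name__ == "__main__":
    # Constructed low-privilege request that rewrites the identity parameter.
    low_priv = Request("bob", {"UserName": "Administrator", "iface": "eth0"})
    print("vulnerable handler:", vulnerable_handler(low_priv))  # bob gets eth0.pcap
    try:
        hardened_handler(low_priv)
    except Forbidden as exc:
        print("hardened handler:", exc)
    print("identity mismatch flagged:", flag_identity_mismatch(low_priv))
```

The hardened handler is the shape to look for when reviewing diagnostic or debug pages: the role check must key off the session the server established, and any identity field arriving in the request is at most an input to logging. The mismatch check gives operations a cheap signal to alert on while a fix is rolled out.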