Main Vulnerability Database Vulnerabilities #VU31050

#VU31050 Input validation error in FortiOS - CVE-2019-5587

Published: June 5, 2019 / Updated: July 17, 2020

Vulnerability identifier: #VU31050

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2019-5587

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
FortiOS

Software vendor:
Fortinet, Inc

Description

The vulnerability allows a remote authenticated user to manipulate data.

Lack of root file system integrity checking in Fortinet FortiOS VM application images all versions below 6.0.5 may allow attacker to implant malicious programs into the installing image by reassembling the image through specific methods.

Remediation

Install update from vendor's website.

External links

http://www.securityfocus.com/bid/108628
https://fortiguard.com/advisory/FG-IR-19-017

#VU31050 Input validation error in FortiOS - CVE-2019-5587

Description

Remediation

External links

Please verify you're human