Main Vulnerability Database Vulnerabilities #VU47004

#VU47004 Insufficient logging in FortiOS - CVE-2020-12818

Published: September 24, 2020

Vulnerability identifier: #VU47004

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2020-12818

CWE-ID: CWE-778

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
FortiOS

Software vendor:
Fortinet, Inc

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to software may not log traffic from an unauthenticated attacker to Fortinet owned IP addresses. A remote attacker can abuse such behavior to stay unnoticed while performing malicious actions.

Remediation

Upgrade to 6.4.1 or above, and add dynamic firewall address "FCTEMS_ALL_FORTICLOUD_SERVERS" which includes all FortiGuard servers in the policy to log the traffic for Fortinet IP addresses.

External links

https://fortiguard.com/psirt/FG-IR-20-033

#VU47004 Insufficient logging in FortiOS - CVE-2020-12818

Description

Remediation

External links

Please verify you're human