Information disclosure in FortiOS

#VU49278 Information disclosure in FortiOS

Published: 2021-01-05

Vulnerability identifier: #VU49278

Vulnerability risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-29010

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
FortiOS
Operating systems & Components / Operating system

Vendor: Fortinet, Inc

Description

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due FortiGate may allow a remote authenticated user to read the SSL VPN events log entries of users in other VDOMs by executing "get vpn ssl monitor" from the CLI. As a result, a remote user can obtain sensitive data from other VDOMs that include usernames, user groups, and IP addresses.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

FortiOS: 6.4.0 - 6.4.1, 6.2.0 - 6.2.4, 6.0.0 - 6.0.10

External links
http://www.fortiguard.com/psirt/FG-IR-20-103

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Information disclosure in Fortinet FortiGate