CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-7542

A read-only administrator on Fortinet devices with FortiOS 5.2.x before 5.2.10 GA and 5.4.x before 5.4.2 GA may have access to read-write administrators password hashes (not including super-admins) stored on the appliance via the webui REST API, and may therefore be able to crack them.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.7%

CVSS Severity

CVSS v3 Score 4.9

CVSS v2 Score 4.0

References

Products affected by CVE-2016-7542

Fortinet » Fortios » Version: 5.2.0

cpe:2.3:o:fortinet:fortios:5.2.0
Fortinet » Fortios » Version: 5.2.1

cpe:2.3:o:fortinet:fortios:5.2.1
Fortinet » Fortios » Version: 5.2.2

cpe:2.3:o:fortinet:fortios:5.2.2
Fortinet » Fortios » Version: 5.2.3

cpe:2.3:o:fortinet:fortios:5.2.3
Fortinet » Fortios » Version: 5.2.4

cpe:2.3:o:fortinet:fortios:5.2.4
Fortinet » Fortios » Version: 5.2.5

cpe:2.3:o:fortinet:fortios:5.2.5
Fortinet » Fortios » Version: 5.2.6

cpe:2.3:o:fortinet:fortios:5.2.6
Fortinet » Fortios » Version: 5.2.7

cpe:2.3:o:fortinet:fortios:5.2.7
Fortinet » Fortios » Version: 5.2.8

cpe:2.3:o:fortinet:fortios:5.2.8
Fortinet » Fortios » Version: 5.2.9

cpe:2.3:o:fortinet:fortios:5.2.9
Fortinet » Fortios » Version: 5.4.0

cpe:2.3:o:fortinet:fortios:5.4.0
Fortinet » Fortios » Version: 5.4.1

cpe:2.3:o:fortinet:fortios:5.4.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-7542

Products

Pricing

Contact Us