Vulnerability Details CVE-2019-15708
A system command injection vulnerability in the FortiAP-S/W2 6.2.1, 6.2.0, 6.0.5 and below, FortiAP 6.0.5 and below and FortiAP-U below 6.0.0 under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted ifconfig commands.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.2%
CVSS Severity
CVSS v3 Score 6.7
CVSS v2 Score 7.2
Products affected by CVE-2019-15708
-
cpe:2.3:a:fortinet:fortiap-s:-
-
cpe:2.3:a:fortinet:fortiap-s:5.4.0
-
cpe:2.3:a:fortinet:fortiap-s:5.4.1
-
cpe:2.3:a:fortinet:fortiap-s:5.4.2
-
cpe:2.3:a:fortinet:fortiap-s:5.4.3
-
cpe:2.3:a:fortinet:fortiap-s:5.4.4
-
cpe:2.3:a:fortinet:fortiap-s:5.4.5
-
cpe:2.3:a:fortinet:fortiap-s:5.6.0
-
cpe:2.3:a:fortinet:fortiap-s:5.6.1
-
cpe:2.3:a:fortinet:fortiap-s:5.6.2
-
cpe:2.3:a:fortinet:fortiap-s:5.6.3
-
cpe:2.3:a:fortinet:fortiap-s:5.6.4
-
cpe:2.3:a:fortinet:fortiap-s:6.0.0
-
cpe:2.3:a:fortinet:fortiap-s:6.0.1
-
cpe:2.3:a:fortinet:fortiap-s:6.0.2
-
cpe:2.3:a:fortinet:fortiap-s:6.0.3
-
cpe:2.3:a:fortinet:fortiap-s:6.0.4
-
cpe:2.3:a:fortinet:fortiap-s:6.0.5
-
cpe:2.3:a:fortinet:fortiap-s:6.2.0
-
cpe:2.3:a:fortinet:fortiap-s:6.2.1
-
cpe:2.3:a:fortinet:fortiap-u:-
-
cpe:2.3:a:fortinet:fortiap-u:5.4.0
-
cpe:2.3:a:fortinet:fortiap-u:5.4.1
-
cpe:2.3:a:fortinet:fortiap-u:5.4.2
-
cpe:2.3:a:fortinet:fortiap-u:5.4.3
-
cpe:2.3:a:fortinet:fortiap-u:5.4.4
-
cpe:2.3:a:fortinet:fortiap-u:5.4.5
-
cpe:2.3:a:fortinet:fortiap-u:5.4.6
-
cpe:2.3:a:fortinet:fortiap-u:6.0.0
-
cpe:2.3:a:fortinet:fortiap-w2:-
-
cpe:2.3:a:fortinet:fortiap-w2:5.4.0
-
cpe:2.3:a:fortinet:fortiap-w2:5.4.1
-
cpe:2.3:a:fortinet:fortiap-w2:5.4.2
-
cpe:2.3:a:fortinet:fortiap-w2:5.4.3
-
cpe:2.3:a:fortinet:fortiap-w2:5.4.4
-
cpe:2.3:a:fortinet:fortiap-w2:5.4.5
-
cpe:2.3:a:fortinet:fortiap-w2:5.6.0
-
cpe:2.3:a:fortinet:fortiap-w2:5.6.1
-
cpe:2.3:a:fortinet:fortiap-w2:5.6.2
-
cpe:2.3:a:fortinet:fortiap-w2:5.6.3
-
cpe:2.3:a:fortinet:fortiap-w2:5.6.4
-
cpe:2.3:a:fortinet:fortiap-w2:6.0.0
-
cpe:2.3:a:fortinet:fortiap-w2:6.0.1
-
cpe:2.3:a:fortinet:fortiap-w2:6.0.2
-
cpe:2.3:a:fortinet:fortiap-w2:6.0.3
-
cpe:2.3:a:fortinet:fortiap-w2:6.0.4
-
cpe:2.3:a:fortinet:fortiap-w2:6.0.5
-
cpe:2.3:a:fortinet:fortiap-w2:6.2.0
-
cpe:2.3:a:fortinet:fortiap-w2:6.2.1
-
cpe:2.3:a:fortinet:fortiap:-
-
cpe:2.3:a:fortinet:fortiap:5.4.0
-
cpe:2.3:a:fortinet:fortiap:5.4.1
-
cpe:2.3:a:fortinet:fortiap:5.4.2
-
cpe:2.3:a:fortinet:fortiap:5.4.3
-
cpe:2.3:a:fortinet:fortiap:5.4.4
-
cpe:2.3:a:fortinet:fortiap:5.6.0
-
cpe:2.3:a:fortinet:fortiap:5.6.1
-
cpe:2.3:a:fortinet:fortiap:5.6.2
-
cpe:2.3:a:fortinet:fortiap:5.6.3
-
cpe:2.3:a:fortinet:fortiap:5.6.4
-
cpe:2.3:a:fortinet:fortiap:5.6.5
-
cpe:2.3:a:fortinet:fortiap:6.0.0
-
cpe:2.3:a:fortinet:fortiap:6.0.1
-
cpe:2.3:a:fortinet:fortiap:6.0.2
-
cpe:2.3:a:fortinet:fortiap:6.0.3
-
cpe:2.3:a:fortinet:fortiap:6.0.4
-
cpe:2.3:a:fortinet:fortiap:6.0.5