CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-6697

An Improper Neutralization of Input vulnerability affecting FortiGate version 6.2.0 through 6.2.1, 6.0.0 through 6.0.6 in the hostname parameter of a DHCP packet under DHCP monitor page may allow an unauthenticated attacker in the same network as the FortiGate to perform a Stored Cross Site Scripting attack (XSS) by sending a crafted DHCP packet.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 24.5%

CVSS Severity

CVSS v3 Score 5.3

References

https://fortiguard.com/advisory/FG-IR-19-184

Products affected by CVE-2019-6697

Fortinet » Fortios » Version: 6.0.0

cpe:2.3:o:fortinet:fortios:6.0.0
Fortinet » Fortios » Version: 6.0.1

cpe:2.3:o:fortinet:fortios:6.0.1
Fortinet » Fortios » Version: 6.0.2

cpe:2.3:o:fortinet:fortios:6.0.2
Fortinet » Fortios » Version: 6.0.3

cpe:2.3:o:fortinet:fortios:6.0.3
Fortinet » Fortios » Version: 6.0.4

cpe:2.3:o:fortinet:fortios:6.0.4
Fortinet » Fortios » Version: 6.0.5

cpe:2.3:o:fortinet:fortios:6.0.5
Fortinet » Fortios » Version: 6.0.6

cpe:2.3:o:fortinet:fortios:6.0.6
Fortinet » Fortios » Version: 6.2.0

cpe:2.3:o:fortinet:fortios:6.2.0
Fortinet » Fortios » Version: 6.2.1

cpe:2.3:o:fortinet:fortios:6.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-6697

Products

Pricing

Contact Us