Vulnerability Details CVE-2019-6698
Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of those, provided they are managed by a FortiRecorder device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2019-6698
-
cpe:2.3:h:fortinet:fortirecorder_100d:-
-
cpe:2.3:h:fortinet:fortirecorder_200d:-
-
cpe:2.3:h:fortinet:fortirecorder_400d:-
-
cpe:2.3:o:fortinet:fortirecorder_firmware:-
-
cpe:2.3:o:fortinet:fortirecorder_firmware:1.1.0
-
cpe:2.3:o:fortinet:fortirecorder_firmware:1.2.0
-
cpe:2.3:o:fortinet:fortirecorder_firmware:1.4.0
-
cpe:2.3:o:fortinet:fortirecorder_firmware:1.4.1
-
cpe:2.3:o:fortinet:fortirecorder_firmware:1.4.2
-
cpe:2.3:o:fortinet:fortirecorder_firmware:2.0.0
-
cpe:2.3:o:fortinet:fortirecorder_firmware:2.1.0
-
cpe:2.3:o:fortinet:fortirecorder_firmware:2.2.0
-
cpe:2.3:o:fortinet:fortirecorder_firmware:2.2.1
-
cpe:2.3:o:fortinet:fortirecorder_firmware:2.2.2
-
cpe:2.3:o:fortinet:fortirecorder_firmware:2.3.0
-
cpe:2.3:o:fortinet:fortirecorder_firmware:2.4.0
-
cpe:2.3:o:fortinet:fortirecorder_firmware:2.4.1
-
cpe:2.3:o:fortinet:fortirecorder_firmware:2.4.2
-
cpe:2.3:o:fortinet:fortirecorder_firmware:2.5.0
-
cpe:2.3:o:fortinet:fortirecorder_firmware:2.5.1
-
cpe:2.3:o:fortinet:fortirecorder_firmware:2.5.2
-
cpe:2.3:o:fortinet:fortirecorder_firmware:2.6.0
-
cpe:2.3:o:fortinet:fortirecorder_firmware:2.7.0
-
cpe:2.3:o:fortinet:fortirecorder_firmware:2.7.1
-
cpe:2.3:o:fortinet:fortirecorder_firmware:2.7.2
-
cpe:2.3:o:fortinet:fortirecorder_firmware:2.7.3