CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-29010

An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS version 6.2.4 and below, version 6.0.10 and belowmay allow remote authenticated actors to read the SSL VPN events log entries of users in other VDOMs by executing "get vpn ssl monitor" from the CLI. The sensitive data includes usernames, user groups, and IP address.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 11.7%

CVSS Severity

CVSS v3 Score 5.0

References

https://fortiguard.fortinet.com/psirt/FG-IR-20-103

Products affected by CVE-2020-29010

Fortinet » Fortios » Version: 6.0.0

cpe:2.3:o:fortinet:fortios:6.0.0
Fortinet » Fortios » Version: 6.0.1

cpe:2.3:o:fortinet:fortios:6.0.1
Fortinet » Fortios » Version: 6.0.10

cpe:2.3:o:fortinet:fortios:6.0.10
Fortinet » Fortios » Version: 6.0.2

cpe:2.3:o:fortinet:fortios:6.0.2
Fortinet » Fortios » Version: 6.0.3

cpe:2.3:o:fortinet:fortios:6.0.3
Fortinet » Fortios » Version: 6.0.4

cpe:2.3:o:fortinet:fortios:6.0.4
Fortinet » Fortios » Version: 6.0.5

cpe:2.3:o:fortinet:fortios:6.0.5
Fortinet » Fortios » Version: 6.0.6

cpe:2.3:o:fortinet:fortios:6.0.6
Fortinet » Fortios » Version: 6.0.7

cpe:2.3:o:fortinet:fortios:6.0.7
Fortinet » Fortios » Version: 6.0.8

cpe:2.3:o:fortinet:fortios:6.0.8
Fortinet » Fortios » Version: 6.0.9

cpe:2.3:o:fortinet:fortios:6.0.9
Fortinet » Fortios » Version: 6.2.0

cpe:2.3:o:fortinet:fortios:6.2.0
Fortinet » Fortios » Version: 6.2.1

cpe:2.3:o:fortinet:fortios:6.2.1
Fortinet » Fortios » Version: 6.2.2

cpe:2.3:o:fortinet:fortios:6.2.2
Fortinet » Fortios » Version: 6.2.3

cpe:2.3:o:fortinet:fortios:6.2.3
Fortinet » Fortios » Version: 6.2.4

cpe:2.3:o:fortinet:fortios:6.2.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-29010

Products

Pricing

Contact Us