Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-1457

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2015-1457
Last Modified 19 Feb 2015 01:59:51
Published 03 Feb 2015 11:59:29
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2015-1457

Summary

Fortinet FortiAuthenticator 3.0.0 allows local users to read arbitrary files via the -f flag to the dig command.

Vulnerable Systems

Application

  • Fortinet Fortiauthenticator 3.0.0


References

XF - fortinetfortiauthenticator-dig-info-disc(100560)

BID - 72378

MISC - http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiAuthenticator_Multiple_Vulnerabilities.pdf

MISC - http://packetstormsecurity.com/files/130156/Fortinet-FortiAuthenticator-XSS-Disclosure-Bypass.html

CONFIRM - http://www.fortiguard.com/advisory/FG-IR-15-003/


Last Updated: 27 May 2016 11:07:48