CVE-2015-3293 — Sensitive Information Exposure in Fortinet Fortimail

CWE-200 — Sensitive Information Exposure3 documents3 sources
Severity
4.0MEDIUMNVD
EPSS
0.2%
top 53.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Fortinet Fortimail
Timeline
PublishedApr 14
Latest updateMay 17

Description

FortiMail 5.0.3 through 5.2.3 allows remote administrators to obtain credentials via the "diag debug application httpd" command.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

â–¶NVDfortinet/fortimail14 versions+13

🔴Vulnerability Details

2
GHSA
GHSA-2fg2-cvw6-w6w2: FortiMail 5↗2022-05-17
â–¶
CVEList
CVE-2015-3293: FortiMail 5↗2015-04-14
â–¶
CVE-2015-3293 — Sensitive Information Exposure | cvebase