CVE-2017-3130Sensitive Information Exposure in INC Fortinet Fortios

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.3%
top 47.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Fortinet INC Fortinet FortiosFortinet Fortios
Timeline
PublishedAug 10
Latest updateMay 17

Description

An information disclosure vulnerability in Fortinet FortiOS 5.6.0, 5.4.4 and below versions allows attacker to get FortiOS version info by inspecting FortiOS IKE VendorID packets.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDfortinet/fortios32 versions+31
CVEListV5fortinet_inc/fortinet_fortiosFortiOS 5.6.0, 5.4.4 and below versions

🔴Vulnerability Details

2
GHSA
GHSA-m2hm-m569-8xqm: An information disclosure vulnerability in Fortinet FortiOS 52022-05-17
CVEList
CVE-2017-3130: An information disclosure vulnerability in Fortinet FortiOS 52017-08-10

📋Vendor Advisories

1
Fortinet
An information disclosure vulnerability in Fortinet FortiOS 5.6.0, 5.4.4 and below versions allows attacker to get Forti...2017-08-10
CVE-2017-3130 — Sensitive Information Exposure | cvebase