CVE-2015-3293
FortiMail 5.0.3-5.2.3 - Authenticated Credential Exposure via HTTPD Debug Command
Title source: llmDescription
FortiMail 5.0.3 through 5.2.3 allows remote administrators to obtain credentials via the "diag debug application httpd" command.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032185
Vendor Advisory x_refsource_confirm
http://www.fortiguard.com/advisory/FG-IR-15-009/
Scores
EPSS
0.0024
EPSS Percentile
46.5%
Details
CWE
CWE-200
Status
published
Products (14)
fortinet/fortimail
5.0.3
fortinet/fortimail
5.0.4
fortinet/fortimail
5.0.5
fortinet/fortimail
5.0.6
fortinet/fortimail
5.0.7
fortinet/fortimail
5.1
fortinet/fortimail
5.1.1
fortinet/fortimail
5.1.2
fortinet/fortimail
5.1.3
fortinet/fortimail
5.1.4
... and 4 more
Published
Apr 14, 2015
Tracked Since
Feb 18, 2026