CVE-2016-7542
Severity: MEDIUM
FortiOS 5.2.x < 5.2.10 and 5.4.x < 5.4.2 - Authenticated Password Hash Exposure via WebUI REST API
Title source: llmDescription
A read-only administrator on Fortinet devices with FortiOS 5.2.x before 5.2.10 GA and 5.4.x before 5.4.2 GA may have access to read-write administrators' password hashes (not including super-admins) stored on the appliance via the webui REST API, and may therefore be able to crack them. The precondition is an existing authenticated administrator account (read-only is enough), which is why the CVSS vector carries PR:H; the impact is confidentiality only, with privilege escalation depending on whether the exposed hashes can be cracked offline.
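The version ranges above are the only actionable fact a defender gets from this entry, and numeric version comparison is where ad-hoc checks go wrong (5.2.9 vs 5.2.10). The following is an added example, not Fortinet's code and not part of the advisory: it triages FortiOS version strings against the affected ranges stated for CVE-2016-7542. It assumes the version string looks like `v5.2.9,build0736,160624 (GA)`, the form printed by `get system status`; the hostnames, build numbers and function names (`parse_fortios_version`, `is_affected`, `triage`) are constructed for the example.

```python
# Added example (not Fortinet's code, not from the advisory): offline triage of
# FortiOS version strings against the affected ranges stated for CVE-2016-7542.
# Assumption: version strings look like "v5.2.9,build0736,160624 (GA)", the form
# printed by `get system status`; only the major.minor.patch part is used.
import re
from typing import Dict, Optional, Tuple

Version = Tuple[int, int, int]

# First fixed release per affected branch, from the CVE text
# (5.2.x fixed in 5.2.10 GA, 5.4.x fixed in 5.4.2 GA).
FIXED_IN: Dict[Tuple[int, int], Version] = {
    (5, 2): (5, 2, 10),
    (5, 4): (5, 4, 2),
}

_VERSION_RE = re.compile(r"\bv?(\d+)\.(\d+)\.(\d+)\b")


def parse_fortios_version(status_line: str) -> Optional[Version]:
    """Extract (major, minor, patch) from a FortiOS status/version string."""
    m = _VERSION_RE.search(status_line)
    if m is None:
        return None
    major, minor, patch = (int(g) for g in m.groups())
    return (major, minor, patch)


def is_affected(version: Version) -> bool:
    """True when the version falls inside an affected range for CVE-2016-7542.

    Branches the advisory does not list (e.g. 5.0.x or 5.6.x) are reported as
    not affected by this CVE; that says nothing about other issues.
    Tuple comparison is numeric, so 5.2.9 < 5.2.10 is handled correctly
    (a plain string comparison would order "5.2.10" before "5.2.9").
    """
    fixed = FIXED_IN.get((version[0], version[1]))
    return fixed is not None and version < fixed


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map hostname -> 'affected' | 'not_affected' | 'unknown' from raw status lines."""
    result: Dict[str, str] = {}
    for host, status in inventory.items():
        v = parse_fortios_version(status)
        if v is None:
            result[host] = "unknown"      # no parseable version: check manually
        elif is_affected(v):
            result[host] = "affected"
        else:
            result[host] = "not_affected"
    return result


# Constructed sample inventory: hostnames, models and build numbers are made up
# for this example and are not real device data.
SAMPLE_INVENTORY: Dict[str, str] = {
    "fw-branch-01": "Version: FortiGate-60D v5.2.9,build0736,160624 (GA)",
    "fw-branch-02": "Version: FortiGate-100D v5.2.10,build0754,161130 (GA)",
    "fw-dc-01": "Version: FortiGate-600D v5.4.1,build1064,160706 (GA)",
    "fw-dc-02": "Version: FortiGate-600D v5.4.2,build1084,161027 (GA)",
    "fw-lab": "Version: FortiGate-VM64 v5.6.0,build1449,170330 (GA)",
    "fw-broken": "Version: (status unavailable)",
}

if __name__ == "__main__":
    for host, verdict in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:14} {verdict}")
```

Devices reported as `affected` should be upgraded to the first fixed GA release of their branch; until then, treat every read-only admin account as able to read the read-write admin hashes, and rotate those passwords after the upgrade rather than before it.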
References (3)
- http://www.securityfocus.com/bid/94690 (Third Party Advisory, VDB Entry; BID)
- http://fortiguard.com/advisory/FG-IR-16-050 (Vendor Advisory FG-IR-16-050; x_refsource_confirm)
- http://www.securitytracker.com/id/1037394 (Third Party Advisory, VDB Entry; SecurityTracker)
Scores
CVSS v3 base score: 4.9 (MEDIUM)
CVSS v3 vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector: NETWORK
EPSS: 0.0032 (percentile 55.0%)
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: partial
Details
CWE: CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor)
Status: published
Products (13)
fortinet/fortios: 5.2.0, 5.2.1, 5.2.2, 5.2.3, 5.2.4, 5.2.5, 5.2.6, 5.2.7, 5.2.8, 5.2.9
... and 3 more
Published: Mar 30, 2017
Tracked Since: Feb 18, 2026