Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2016-7542
Deferred
More InfoOfficial Page
Source-psirt@fortinet.com
View Known Exploited Vulnerability (KEV) details
Published At-30 Mar, 2017 | 14:59
Updated At-20 Apr, 2025 | 01:37

A read-only administrator on Fortinet devices with FortiOS 5.2.x before 5.2.10 GA and 5.4.x before 5.4.2 GA may have access to read-write administrators password hashes (not including super-admins) stored on the appliance via the webui REST API, and may therefore be able to crack them.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.04.9MEDIUM
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Primary2.04.0MEDIUM
AV:N/AC:L/Au:S/C:P/I:N/A:N
CPE Matches
Fortinet, Inc.
fortinet
>>fortios>>5.2.0
cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:*
Fortinet, Inc.
fortinet
>>fortios>>5.2.1
cpe:2.3:o:fortinet:fortios:5.2.1:*:*:*:*:*:*:*
Fortinet, Inc.
fortinet
>>fortios>>5.2.2
cpe:2.3:o:fortinet:fortios:5.2.2:*:*:*:*:*:*:*
Fortinet, Inc.
fortinet
>>fortios>>5.2.3
cpe:2.3:o:fortinet:fortios:5.2.3:*:*:*:*:*:*:*
Fortinet, Inc.
fortinet
>>fortios>>5.2.4
cpe:2.3:o:fortinet:fortios:5.2.4:*:*:*:*:*:*:*
Fortinet, Inc.
fortinet
>>fortios>>5.2.5
cpe:2.3:o:fortinet:fortios:5.2.5:*:*:*:*:*:*:*
Fortinet, Inc.
fortinet
>>fortios>>5.2.6
cpe:2.3:o:fortinet:fortios:5.2.6:*:*:*:*:*:*:*
Fortinet, Inc.
fortinet
>>fortios>>5.2.7
cpe:2.3:o:fortinet:fortios:5.2.7:*:*:*:*:*:*:*
Fortinet, Inc.
fortinet
>>fortios>>5.2.8
cpe:2.3:o:fortinet:fortios:5.2.8:*:*:*:*:*:*:*
Fortinet, Inc.
fortinet
>>fortios>>5.2.9
cpe:2.3:o:fortinet:fortios:5.2.9:*:*:*:*:*:*:*
Fortinet, Inc.
fortinet
>>fortios>>5.4.0
cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:*
Fortinet, Inc.
fortinet
>>fortios>>5.4.1
cpe:2.3:o:fortinet:fortios:5.4.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-200Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://fortiguard.com/advisory/FG-IR-16-050psirt@fortinet.com
Not Applicable
http://www.securityfocus.com/bid/94690psirt@fortinet.com
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037394psirt@fortinet.com
N/A
http://fortiguard.com/advisory/FG-IR-16-050af854a3a-2127-422b-91ae-364da2661108
Not Applicable
http://www.securityfocus.com/bid/94690af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037394af854a3a-2127-422b-91ae-364da2661108
N/A
Change History
0Changes found
Details not found