ByteOS Network

NVD Vulnerability Details :

CVE-2019-6697

Received

Source-psirt@fortinet.com

Published At-17 Mar, 2025 | 14:15

Updated At-17 Mar, 2025 | 14:15

An Improper Neutralization of Input vulnerability affecting FortiGate version 6.2.0 through 6.2.1, 6.0.0 through 6.0.6 in the hostname parameter of a DHCP packet under DHCP monitor page may allow an unauthenticated attacker in the same network as the FortiGate to perform a Stored Cross Site Scripting attack (XSS) by sending a crafted DHCP packet.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	5.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Weaknesses

CWE ID	Type	Source
CWE-79	Primary	psirt@fortinet.com

References

Hyperlink	Source	Resource
https://fortiguard.com/advisory/FG-IR-19-184	psirt@fortinet.com	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History