In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH defect.
References
Link | Resource |
---|---|
https://fortiguard.com/advisory/FG-IR-14-010 | Mitigation Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Information
Published : 2020-03-19 09:15
Updated : 2020-03-23 09:33
NVD link : CVE-2014-2722
Mitre link : CVE-2014-2722
JSON object : View
CWE
CWE-276
Incorrect Default Permissions
Products Affected
fortinet
- fortibalancer_2000_firmware
- fortibalancer_2000
- fortibalancer_1000
- fortibalancer_400_firmware
- fortibalancer_3000_firmware
- fortibalancer_3000
- fortibalancer_400
- fortibalancer_1000_firmware