Rapid7 Vulnerability & Exploit Database

Fortinet FortiOS: Insufficient Verification of Data Authenticity (CVE-2019-5587)

Back to Search

Fortinet FortiOS: Insufficient Verification of Data Authenticity (CVE-2019-5587)

Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:P/A:N)
Published
06/04/2019
Created
09/14/2019
Added
09/06/2019
Modified
08/05/2021

Description

Lack of root file system integrity checking in Fortinet FortiOS VM application images all versions below 6.0.5 may allow attacker to implant malicious programs into the installing image by reassembling the image through specific methods.

Solution(s)

  • fortios-upgrade-6_0_5

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;