vulnerability

Fortinet FortiOS: Improper Input Validation (CVE-2019-6696)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:M/Au:N/C:P/I:P/A:N)	Mar 15, 2020	Mar 23, 2020	Aug 11, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:N)

Published

Mar 15, 2020

Added

Mar 23, 2020

Modified

Aug 11, 2025

Description

An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6.0.8 and below until 5.4.0 under admin webUI may allow an attacker to perform an URL redirect attack via a specifically crafted request to the admin initial password change webpage.

Solution

fortios-upgrade-latest

References

CVE-2019-6696
https://attackerkb.com/topics/CVE-2019-6696
CWE-20
CWE-601
URL-https://fortiguard.com/psirt/FG-IR-19-179

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today