vulnerability

Fortinet FortiOS: Unspecified Security Vulnerability (CVE-2020-15938)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	Mar 4, 2021	Mar 15, 2021	May 9, 2022

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Mar 4, 2021

Added

Mar 15, 2021

Modified

May 9, 2022

Description

When traffic other than HTTP/S (eg: SSH traffic, etc...) traverses the FortiGate in version below 6.2.5 and below 6.4.2 on port 80/443, it is not redirected to the transparent proxy policy for processing, as it doesn't have a valid HTTP header.

Solution

fortios-upgrade-latest

References

CVE-2020-15938
https://attackerkb.com/topics/CVE-2020-15938
URL-https://fortiguard.com/advisory/FG-IR-20-172

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today