Detections
Analytics
Fortinet Fortigate MFA bypass by changing username case (FG-IR-19-283)
critical Nessus Plugin ID 209803
Language:
Synopsis
Fortinet Firewall is missing one or more security-related updates.Description
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-19-283 advisory.- An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username. (CVE-2020-12812)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Please upgrade to FortiOS version 6.0.10/6.2.4/6.4.1 or later.See Also
https://www.fortiguard.com/psirt/FG-IR-19-283
https://kb.fortinet.com/kb/documentLink.do?externalID=FD37033
Plugin Details
Severity: Critical
ID: 209803
File Name: fortigate_FG-IR-19-283.nasl
Version: 1.3
Type: local
Family: Firewalls
Published: 10/27/2024
Updated: 10/28/2024
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 8.9
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2020-12812
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 9.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:fortinet:fortios
Required KB Items: Host/Fortigate/model, Host/Fortigate/version
Exploit Available: true
Exploit Ease: Exploits are available
Vulnerability Publication Date: 7/24/2020
CISA Known Exploited Vulnerability Due Dates: 5/3/2022
Reference Information
CVE: CVE-2020-12812
IAVA: 2020-A-0440-S