Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2019-6696

An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6.0.8 and below until 5.4.0 under admin webUI may allow an attacker to perform an URL redirect attack via a specifically crafted request to the admin initial password change webpage.

  • Published: Mar 16, 2020
  • Updated: Apr 13, 2023
  • CVE: CVE-2019-6696
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.1
  • AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:N

CWEs:

Software From Fixed in
fortinet / fortios 6.2.0 6.2.0.x
fortinet / fortios 5.4.0 6.0.8.x
fortinet / fortios 6.2.1 6.2.1.x