Vulnerability Database

290,273

Total vulnerabilities in the database

CVE-2020-15936

A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker to disclose sensitive information via SNI Client Hello TLS packets.

  • Published: Mar 1, 2022
  • Updated: Apr 13, 2023
  • CVE: CVE-2020-15936
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 4.5
  • AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

  • Severity: Low
  • Score: 4
  • AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

Software From Fixed in
fortinet / fortios 5.6.0 5.6.13.x
fortinet / fortios 6.0.0 6.0.11.x
fortinet / fortios 6.2.0 6.2.5.x
fortinet / fortios 6.4.0 6.4.3.x