PSIRT Advisories
FortiOS Local Admin Password Hash Leak Vulnerability
Summary
A read-only administrator may be able to read the password hashes of read-write administrators (not including super-admins) stored on the appliance via the webui REST API, and may therefore be able to crack them.
Description
A read-only administrator may be able to read the password hashes of read-write administrators (not including super-admins) stored on the appliance via the webui REST API, and may therefore be able to crack them.
Affected Products
FortiOS 5.2.0 - 5.2.10, 5.4.1
Solutions
* Upgrade to 5.4.2 GA
* Upgrade to 5.2.11 GA
Workarounds:
1. Use two-factor authentication in conjunction with local admin accounts, or use a remote authentication method such as LDAP or RADIUS.
2. Use a strong password policy to prevent passwords from being cracked from a hash value.
Acknowledgement
Fortinet is pleased to thank Bryan Schmidt for reporting this vulnerability under responsible disclosure.