FortiOS local admin password could be obtained

Summary

A read-only administrator may be able to read, through the web UI REST API, the password hashes of read-write administrators (super-admin accounts are not exposed) stored on the appliance, and may therefore be able to crack those hashes offline and escalate to a read-write account.

Affected Products

FortiOS

Solutions

* Upgrade to 5.4.2 GA
* Upgrade to 5.2.10 GA

Workarounds:

1. Use two-factor authentication for local admin accounts, or a remote authentication method such as LDAP or RADIUS, so that a recovered password alone is not sufficient to log in.
2. Enforce a strong password policy for administrators so that a password cannot practically be recovered from its hash value.
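The two workarounds above expressed as FortiOS CLI configuration. This is an added example written for this page, not configuration taken from the Fortinet advisory; the account name `rw-admin`, the FortiToken serial `FTKMOB0000000000` and the specific length and complexity values are placeholders to adapt to your environment, and the commands assume the `system password-policy` and `system admin` two-factor settings available in FortiOS 5.x.

```text
# 1. Strong password policy applied to administrator passwords.
#    A long, mixed-character password makes an offline attack on a
#    leaked hash impractical even if the hash is obtained.
config system password-policy
    set status enable
    set apply-to admin-password
    set minimum-length 16
    set min-lower-case-letter 1
    set min-upper-case-letter 1
    set min-number 1
    set min-non-alphanumeric 1
    set change-4-characters enable
    set expire-status enable
    set expire-day 90
end

# 2. Two-factor authentication on a read-write local admin account.
#    Even a cracked password is not enough without the token.
config system admin
    edit "rw-admin"
        set accprofile "prof_admin"
        set two-factor fortitoken
        set fortitoken "FTKMOB0000000000"   # placeholder serial
        set password <strong-password>      # placeholder, set out of band
    next
end
```

After applying the policy, existing passwords are not rewritten; reset every read-write administrator password so that all stored hashes reflect the new policy, and confirm with `get system admin list` that no read-write account is left without two-factor or remote authentication.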

Acknowledgement

Fortinet is pleased to thank Bryan Schmidt for reporting this vulnerability under responsible disclosure.