CVE-2019-6698

9.8CRITICAL

Key Information:

Vendor: Fortinet
Status: Fortinet Fortirecorder
Vendor: CVE Published:; 23 August 2019

Summary

Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of those, provided they are managed by a FortiRecorder device.

Affected Version(s)

Fortinet FortiRecorder FortiRecorder all versions below 2.7.4

References

https://fortiguard.com/advisory/FG-IR-19-185

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 23, 2019
Vulnerability Reserved
Jan 23, 2019