CVE-2018-9195 - OpenCVE

Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and received from Fortiguard severs by decrypting these messages. Affected products include FortiClient for Windows 6.0.6 and below, FortiOS 6.0.7 and below, FortiClient for Mac OS 6.2.1 and below.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Fortinet	Fortios Forticlient

Configuration 1 [-]

OR	cpe:2.3:a:fortinet:forticlient::::::windows::*
	cpe:2.3:a:fortinet:forticlient::::::macos::*
	cpe:2.3:o:fortinet:fortios::::::::

References

Link	Resource
https://fortiguard.com/advisory/FG-IR-18-100	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: fortinet

Published: 2019-11-21T14:59:52

Updated: 2019-11-27T20:52:33

Reserved: 2018-04-02T00:00:00

Link: CVE-2018-9195

JSON object: View

NVD Information

Status : Modified

Published: 2019-11-21T15:15:12.477

Modified: 2020-05-04T13:44:43.313

Link: CVE-2018-9195

JSON object: View

Redhat Information

No data.

CWE

CWE-798

{"containers": {"cna": {"affected": [{"product": "FortiClient for Windows", "vendor": "Fortinet", "versions": [{"status": "affected", "version": "FortiClient for Windows 6.0.6 and below"}]}, {"product": "FortiOS", "vendor": "Fortinet", "versions": [{"status": "affected", "version": "FortiOS 6.0.7 and below"}]}, {"product": "FortiClient for Mac OS", "vendor": "Fortinet", "versions": [{"status": "affected", "version": "FortiClient for Mac OS 6.2.1 and below"}]}], "descriptions": [{"lang": "en", "value": "Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and received from Fortiguard severs by decrypting these messages. Affected products include FortiClient for Windows 6.0.6 and below, FortiOS 6.0.7 and below, FortiClient for Mac OS 6.2.1 and below."}], "problemTypes": [{"descriptions": [{"description": "Information disclosure", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-11-27T20:52:33", "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "shortName": "fortinet"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://fortiguard.com/advisory/FG-IR-18-100"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@fortinet.com", "ID": "CVE-2018-9195", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "FortiClient for Windows", "version": {"version_data": [{"version_value": "FortiClient for Windows 6.0.6 and below"}]}}, {"product_name": "FortiOS", "version": {"version_data": [{"version_value": "FortiOS 6.0.7 and below"}]}}, {"product_name": "FortiClient for Mac OS", "version": {"version_data": [{"version_value": "FortiClient for Mac OS 6.2.1 and below"}]}}]}, "vendor_name": "Fortinet"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and received from Fortiguard severs by decrypting these messages. Affected products include FortiClient for Windows 6.0.6 and below, FortiOS 6.0.7 and below, FortiClient for Mac OS 6.2.1 and below."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information disclosure"}]}]}, "references": {"reference_data": [{"name": "https://fortiguard.com/advisory/FG-IR-18-100", "refsource": "CONFIRM", "url": "https://fortiguard.com/advisory/FG-IR-18-100"}]}}}}, "cveMetadata": {"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8", "assignerShortName": "fortinet", "cveId": "CVE-2018-9195", "datePublished": "2019-11-21T14:59:52", "dateReserved": "2018-04-02T00:00:00", "dateUpdated": "2019-11-27T20:52:33", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:windows:*:*", "matchCriteriaId": "FA6A19E5-0059-4F94-A8D8-BBFF6B8C0C1D", "versionEndIncluding": "6.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:forticlient:*:*:*:*:*:macos:*:*", "matchCriteriaId": "A481CDA4-13C2-4929-934B-B09590E721A8", "versionEndIncluding": "6.2.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "matchCriteriaId": "B9A44C4B-988B-45E4-BA76-8984A9AB9AB0", "versionEndIncluding": "6.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and received from Fortiguard severs by decrypting these messages. Affected products include FortiClient for Windows 6.0.6 and below, FortiOS 6.0.7 and below, FortiClient for Mac OS 6.2.1 and below."}, {"lang": "es", "value": "El uso de una clave criptogr\u00e1fica codificada en el protocolo de comunicaci\u00f3n de servicios FortiGuard puede permitir que un Hombre en el medio con conocimiento de la clave escuche y modifique informaci\u00f3n (servicios URL / SPAM en FortiOS 5.6 y servicios URL / SPAM / AV en FortiOS 6.0). ; Clasificaci\u00f3n de URL en FortiClient) enviado y recibido de los servidores de Fortiguard al descifrar estos mensajes. Los productos afectados incluyen FortiClient para Windows 6.0.6 y versiones anteriores, FortiOS 6.0.7 y versiones anteriores , FortiClient para Mac OS 6.2.1 y versiones anteriores."}], "id": "CVE-2018-9195", "lastModified": "2020-05-04T13:44:43.313", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-11-21T15:15:12.477", "references": [{"source": "psirt@fortinet.com", "tags": ["Third Party Advisory"], "url": "https://fortiguard.com/advisory/FG-IR-18-100"}], "sourceIdentifier": "psirt@fortinet.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}], "source": "nvd@nist.gov", "type": "Primary"}]}