10

CVE-2016-4573

Fortinet FortiSwitch FSW-108D-POE, FSW-124D, FSW-124D-POE, FSW-224D-POE, FSW-224D-FPOE, FSW-248D-POE, FSW-248D-FPOE, FSW-424D, FSW-424D-POE, FSW-424D-FPOE, FSW-448D, FSW-448D-POE, FSW-448D-FPOE, FSW-524D, FSW-524D-FPOE, FSW-548D, FSW-548D-FPOE, FSW-1024D, FSW-1048D, FSW-3032D, and FSW-R-112D-POE models, when in FortiLink managed mode and upgraded to 3.4.1, might allow remote attackers to bypass authentication and gain administrative access via an empty password for the rest_admin account.

Data is provided by the National Vulnerability Database (NVD)
FortinetFortiswitch Version3.4.1
   FortinetFsw-1024d Version-
   FortinetFsw-1048d Version-
   FortinetFsw-108d-poe Version-
   FortinetFsw-124d Version-
   FortinetFsw-124d-poe Version-
   FortinetFsw-224d-fpoe Version-
   FortinetFsw-224d-poe Version-
   FortinetFsw-248d-fpoe Version-
   FortinetFsw-248d-poe Version-
   FortinetFsw-3032d Version-
   FortinetFsw-424d Version-
   FortinetFsw-424d-fpoe Version-
   FortinetFsw-424d-poe Version-
   FortinetFsw-448d Version-
   FortinetFsw-448d-fpoe Version-
   FortinetFsw-448d-poe Version-
   FortinetFsw-524d Version-
   FortinetFsw-524d-fpoe Version-
   FortinetFsw-548d Version-
   FortinetFsw-548d-fpoe Version-
   FortinetFsw-r-112d-poe Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 7.63% 0.91
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C