CVE-2019-5591 is a vulnerability in Fortinet Fortios
Published on August 14, 2020
A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server.
Known Exploited Vulnerability
This Fortinet FortiOS Default Configuration Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server.
The following remediation steps are recommended / required by May 3, 2022: Apply updates per vendor instructions.
Vulnerability Analysis
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2019-5591 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2019-5591
You can be notified by stack.watch whenever vulnerabilities like CVE-2019-5591 are published in these products:
What versions of Fortios are vulnerable to CVE-2019-5591?
-
Fortinet Fortios
Up to Version 6.2.0