CVE-2020-9294 vulnerability in Fortinet Products
Published on April 27, 2020

An improper authentication vulnerability in FortiMail 5.4.10, 6.0.7, 6.2.2 and earlier and FortiVoiceEntreprise 6.0.0 and 6.0.1 may allow a remote unauthenticated attacker to access the system as a legitimate user by requesting a password change via the user interface.

NVD

Products Associated with CVE-2020-9294

stack.watch emails you whenever new vulnerabilities are published in Fortinet Fortimail or Fortinet Fortivoice. Just hit a watch button to start following.

Fortinet Fortimail

Fortinet Fortivoice

Affected Versions

Fortinet FortiMail:

Version 5.4.10 is affected.
Version 6.0.7 is affected.
Version 6.2.2 and earlier is affected.

Fortinet FortiVoiceEnterprise:

Version 6.0.0 is affected.
Version 6.0.1 is affected.

Exploit Probability

EPSS

80.13%

Percentile

99.10%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-9294 vulnerability in Fortinet ProductsPublished on April 27, 2020

Products Associated with CVE-2020-9294

Affected Versions

Exploit Probability

CVE-2020-9294 vulnerability in Fortinet Products
Published on April 27, 2020