CVE-2017-3130

Summary

An information disclosure vulnerability in Fortinet FortiOS 5.6.0, 5.4.4 and below versions allows attacker to get FortiOS version info by inspecting FortiOS IKE VendorID packets.

Affected Software

VendorProductVersion RangeStatus
Fortinet, Inc.Fortinet FortiOSFortiOS 5.6.0, 5.4.4 and below versionsaffected

Weaknesses

  • Information disclosure

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References