CVE-2019-6698

Summary

Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of those, provided they are managed by a FortiRecorder device.

Affected Software

VendorProductVersion RangeStatus
n/aFortinet FortiRecorderFortiRecorder all versions below 2.7.4affected

Weaknesses

  • Authentication Controls Bypass

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References