CVE-2020-15938

Summary

When traffic other than HTTP/S (eg: SSH traffic, etc…) traverses the FortiGate in version below 6.2.5 and below 6.4.2 on port 80/443, it is not redirected to the transparent proxy policy for processing, as it doesn't have a valid HTTP header.

Affected Software

VendorProductVersion RangeStatus
FortinetFortinet FortiOSFortiOS 6.4.2, 6.2.5affected

Weaknesses

  • Operational Risk, Traffic Bypass

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References