Unauthenticated Remote Shell Access in FortiOS 5.2.3 High Availability Configuration

Unauthenticated Remote Shell Access in FortiOS 5.2.3 High Availability Configuration

CVE-2015-7361 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

FortiOS 5.2.3, when configured to use High Availability (HA) and the dedicated management interface is enabled, does not require authentication for access to the ZebOS shell on the HA dedicated management interface, which allows remote attackers to obtain shell access via unspecified vectors.

Learn more about our Cis Benchmark Audit For Apple Ios.