CVE-2020-15936 LOW

CVE-2020-15936

Vendor Fortinet
Product Fortinet FortiOS
Published March 1, 2022
Last update October 22, 2024

CVSS base score

2.6/10
Attack vector Adjacent
Attack complexity High
Privileges required High
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:N/E:X/RL:X/RC:X

What the vulnerability does

01Description

A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker to disclose sensitive information via SNI Client Hello TLS packets.

Key dates

02Disclosure timeline

March 1, 2022 CVE published
October 22, 2024 Record updated