CVE-2019-5592
CVE-2019-5592 is a medium-severity vulnerability rated 5.9/10 on the CVSS scale. Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below, when configured with SSL Deep Inspection policies and with the IPS sensor enabled, may allow an attacker to decipher TLS connections going through the FortiGate via monitoring the traffic in a Man-in-the-middle position. EPSS estimates a 0.71% chance of exploitation in the next 30 days.
Description
Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE, OpenSSL 0-length) in the CBC padding implementation of FortiOS IPS engine version 5.000 to 5.006, 4.000 to 4.036, 4.200 to 4.219, 3.547 and below, when configured with SSL Deep Inspection policies and with the IPS sensor enabled, may allow an attacker to decipher TLS connections going through the FortiGate via monitoring the traffic in a Man-in-the-middle position.
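The description names a class of bug rather than a specific code path, so the script below is an added example, not Fortinet's code and not the FortiOS IPS engine's implementation. It models what a CBC padding oracle is: a TLS-style MAC-then-encrypt record layer whose decryptor reports "bad padding" and "bad MAC" as distinguishable outcomes, and a network-position attacker who turns that distinction into byte-by-byte decryption of a ciphertext block. The same decryptor with a single failure type shuts the oracle. A SHA-256 Feistel toy cipher stands in for AES so the example runs with the standard library only; the keys, the simplified record layout (no header or sequence number under the MAC) and the sample plaintext are constructed for the demo. In a real stack such as the one this advisory concerns, Zombie POODLE and GOLDENDOODLE read the same signal from alert types, connection behaviour or timing rather than from an exception type, and the hardened decryptor below hides the error type but not timing, which is why a production fix also has to make MAC verification constant-time.

```python
# Added example (not Fortinet code): toy TLS-style CBC record layer and padding-oracle attack.
import hashlib
import hmac
import os

BLOCK, MAC_LEN = 16, 32

class PaddingError(Exception): pass   # distinct "bad padding" signal: the oracle
class MacError(Exception): pass       # reported only once padding was accepted
class DecryptError(Exception): pass   # the fixed decryptor's single failure type

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, half, rnd):  # Feistel round function: SHA-256 toy cipher standing in for AES
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]

def feistel(key, blk, decrypt=False):
    # 8-round balanced Feistel network over 16-byte blocks; rounds run backwards to decrypt.
    l, r = blk[:8], blk[8:]
    for i in (reversed(range(8)) if decrypt else range(8)):
        l, r = (_xor(r, _f(key, l, i)), l) if decrypt else (r, _xor(l, _f(key, r, i)))
    return l + r

def cbc_encrypt(key, iv, pt):
    out, prev = [], iv
    for i in range(0, len(pt), BLOCK):
        prev = feistel(key, _xor(pt[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):
    blocks = [ct[i:i + BLOCK] for i in range(0, len(ct), BLOCK)]
    return b"".join(_xor(feistel(key, c, True), p) for p, c in zip([iv] + blocks, blocks))

def tls_pad(data):  # TLS CBC padding: padding_length byte preceded by padding_length copies of it
    n = (BLOCK - (len(data) + 1) % BLOCK) % BLOCK
    return data + bytes([n]) * (n + 1)

def seal(enc_key, mac_key, data):  # MAC-then-encrypt with an explicit IV (TLS 1.1+ layout)
    mac = hmac.new(mac_key, data, hashlib.sha256).digest()
    iv = os.urandom(BLOCK)
    return iv + cbc_encrypt(enc_key, iv, tls_pad(data + mac))

def open_record(enc_key, mac_key, record, distinct_errors):
    """distinct_errors=True models the vulnerable decryptor, False the fixed one."""
    iv, body = record[:BLOCK], record[BLOCK:]
    if len(body) < 3 * BLOCK or len(body) % BLOCK:
        raise DecryptError("bad length")
    pt = cbc_decrypt(enc_key, iv, body)
    n = pt[-1]
    pad_ok = n + 1 + MAC_LEN <= len(pt) and all(b == n for b in pt[-(n + 1):])
    if distinct_errors and not pad_ok:
        raise PaddingError("bad padding")  # one bit of plaintext leaks per query
    if not pad_ok:
        n = 0  # RFC 5246 6.2.3.2: assume zero-length padding and still run the MAC check
    end = len(pt) - n - 1
    data, mac = pt[:end - MAC_LEN], pt[end - MAC_LEN:end]
    good = hmac.compare_digest(mac, hmac.new(mac_key, data, hashlib.sha256).digest())
    if not (pad_ok and good):
        raise (MacError if distinct_errors else DecryptError)("bad record")
    return data

def make_oracle(enc_key, mac_key, distinct_errors):
    """Attacker's view: True iff the peer accepted the padding of a forged record."""
    def oracle(r, target):
        try:  # dummy IV and filler blocks keep the record long enough to hold a MAC
            open_record(enc_key, mac_key, bytes(3 * BLOCK) + r + target, distinct_errors)
        except (PaddingError, DecryptError):
            return False
        except MacError:
            pass
        return True
    return oracle

def recover_block(oracle, prev_block, target_block):
    """Recover P_i from (C_{i-1}, C_i) without the key; None if the oracle is closed."""
    d = bytearray(BLOCK)  # D_k(C_i), learned from the last byte backwards
    for pos in range(BLOCK - 1, -1, -1):
        n = BLOCK - 1 - pos  # padding_length the forged block is steered towards
        r = bytearray(BLOCK)
        for j in range(pos + 1, BLOCK):
            r[j] = d[j] ^ n  # already-known bytes are made to decrypt to n
        for guess in range(256):
            r[pos] = guess
            if not oracle(bytes(r), target_block):
                continue
            if n == 0:  # a longer pad could match by chance; only length 0 survives this probe
                probe = r[:pos - 1] + bytes([r[pos - 1] ^ 0xFF]) + r[pos:]
                if not oracle(bytes(probe), target_block):
                    continue
            d[pos] = guess ^ n
            break
        else:
            return None
    return _xor(d, prev_block)

def demo():
    enc_key, mac_key = b"K" * 16, b"M" * 16  # constructed keys, never used by the attacker
    secret = b"GET /account HTTP/1.1\r\nCookie: session=s3cr3t-token-value\r\n"
    rec = seal(enc_key, mac_key, secret)
    blocks = [rec[i:i + BLOCK] for i in range(0, len(rec), BLOCK)]  # blocks[0] is the IV
    leaked = recover_block(make_oracle(enc_key, mac_key, True), blocks[1], blocks[2])
    closed = recover_block(make_oracle(enc_key, mac_key, False), blocks[1], blocks[2]) is None
    return leaked, closed
```

`demo()` returns the second plaintext block recovered through the vulnerable decryptor (at most 16 x 256 queries, plus one confirmation query for the zero-length-padding step) and `True` for the fixed decryptor, which answers every forged record with the same error and therefore yields nothing. Note that `open_record` in fixed mode still computes and compares the MAC even when the padding is wrong; dropping that step would reintroduce a timing oracle of the Lucky 13 kind even with a single error type.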
Metrics
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N (base score 5.9, Medium)
Network-reachable, no privileges or user interaction required, confidentiality impact High with no integrity or availability impact. Attack complexity is High because the attacker must already hold a man-in-the-middle position on the inspected path and issue many oracle queries per recovered byte.
Weakness Enumeration
Affected Software
| Vendor | Product | Versions (NVD notation) | Advisory notation |
|---|---|---|---|
| Fortinet | Fortios Ips Engine | <= 3.00547 | 3.547 and below |
| Fortinet | Fortios Ips Engine | >= 4.00000, <= 4.00036 | 4.000 to 4.036 |
| Fortinet | Fortios Ips Engine | >= 4.00200, <= 4.00219 | 4.200 to 4.219 |
| Fortinet | Fortios Ips Engine | >= 5.00000, <= 5.00006 | 5.000 to 5.006 |

NVD zero-pads the IPS engine build number in its CPE ranges; 3.00547 is the same release the advisory calls 3.547. The affected component is the IPS engine, which is versioned separately from FortiOS itself.
References
- https://fortiguard.com/advisory/FG-IR-19-145 (Vendor Advisory)
Frequently Asked Questions
What is CVE-2019-5592?
A set of CBC padding oracle weaknesses (Zombie POODLE, GOLDENDOODLE and the OpenSSL 0-length variant) in the TLS handling of the FortiOS IPS engine. When a FortiGate applies an SSL Deep Inspection policy with an IPS sensor enabled, it decrypts and re-encrypts the TLS sessions it inspects; because its handling of malformed CBC padding is distinguishable from other decryption failures, an attacker positioned between the FortiGate and a peer can use the device as a padding oracle and decrypt traffic passing through it without the session keys.
How severe is CVE-2019-5592?
CVSS 3.1 base score 5.9 (Medium), vector AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N. The impact is loss of confidentiality only; exploitation needs a man-in-the-middle position and a large number of oracle queries. EPSS estimates a 0.71% chance of exploitation in the next 30 days.
How do I fix CVE-2019-5592?
Upgrade the IPS engine to a release outside the affected ranges listed above, as directed in Fortinet advisory FG-IR-19-145. Only policies that combine SSL Deep Inspection with an IPS sensor expose the issue, so until the engine is updated, exposure is limited to traffic handled by those policies.
Are you affected by CVE-2019-5592?
You are affected if the FortiGate runs an IPS engine version in the affected ranges (3.547 and below, 4.000 to 4.036, 4.200 to 4.219, or 5.000 to 5.006) and at least one firewall policy uses SSL Deep Inspection together with an IPS sensor.
Source: NVD / NIST
