← back
CVE-2019-5591

CVE-2019-5591

CVSS 6.5 MEDIUMEPSS 18.6%● KEVCWE-306
In short

FortiOS has a default configuration that allows an attacker on the same network to pretend to be an LDAP server and intercept sensitive information like login credentials. This happens because the system doesn't properly verify the server's identity.

Technical detail

A missing authentication weakness in FortiOS default configuration enables an unauthenticated attacker on the local subnet to perform LDAP server impersonation attacks without prerequisite authentication, leading to interception of sensitive data transmitted during LDAP authentication exchanges.

Summary generated and translated by AI from the official description.
A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
Fortinet · Fortinet FortiOS
public PoCs found1
githubgithub.com/ayewo/fortios-ldap-mitm-poc-CVE-2019-55911
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-5591https://www.fortiguard.com/psirt/FG-IR-19-037