CVE-2016-4573

Published on: 09/09/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:26:58 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Certain versions of Fortiswitch from Fortinet contain the following vulnerability:

Fortinet FortiSwitch FSW-108D-POE, FSW-124D, FSW-124D-POE, FSW-224D-POE, FSW-224D-FPOE, FSW-248D-POE, FSW-248D-FPOE, FSW-424D, FSW-424D-POE, FSW-424D-FPOE, FSW-448D, FSW-448D-POE, FSW-448D-FPOE, FSW-524D, FSW-524D-FPOE, FSW-548D, FSW-548D-FPOE, FSW-1024D, FSW-1048D, FSW-3032D, and FSW-R-112D-POE models, when in FortiLink managed mode and upgraded to 3.4.1, might allow remote attackers to bypass authentication and gain administrative access via an empty password for the rest_admin account.

  • CVE-2016-4573 has been assigned by the vendor (Fortinet) to track the vulnerability; it is currently rated as CRITICAL severity.

CVSS3 Score: 9.8 - CRITICAL

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS2 Score: 10 - HIGH

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

CVE References

  • FortiSwitch rest_admin account exposed under specific conditions (FortiGuard.com), Vendor Advisory (CONFIRM): fortiguard.com/advisory/fortiswitch-rest-admin-account-exposed-under-specific-conditions
  • Fortinet FortiSwitch CVE-2016-4573 Security Bypass Vulnerability, BID 92450 (cve.report archive)
  • The Missing Link - Advisories - cve-2016-4573, Third Party Advisory (MISC): www.themissinglink.com.au/security/advisories/cve-2016-4573

Known Affected Configurations (CPE V2.3)

Type             | Vendor   | Product         | Version | Update | Edition | Language
Operating System | Fortinet | Fortiswitch     | 3.4.1   | All    | All     | All
Hardware         | Fortinet | Fsw-1024d       | -       | All    | All     | All
Hardware         | Fortinet | Fsw-1048d       | -       | All    | All     | All
Hardware         | Fortinet | Fsw-108d-poe    | -       | All    | All     | All
Hardware         | Fortinet | Fsw-124d        | -       | All    | All     | All
Hardware         | Fortinet | Fsw-124d-poe    | -       | All    | All     | All
Hardware         | Fortinet | Fsw-224d-fpoe   | -       | All    | All     | All
Hardware         | Fortinet | Fsw-224d-poe    | -       | All    | All     | All
Hardware         | Fortinet | Fsw-248d-fpoe   | -       | All    | All     | All
Hardware         | Fortinet | Fsw-248d-poe    | -       | All    | All     | All
Hardware         | Fortinet | Fsw-3032d       | -       | All    | All     | All
Hardware         | Fortinet | Fsw-424d        | -       | All    | All     | All
Hardware         | Fortinet | Fsw-424d-fpoe   | -       | All    | All     | All
Hardware         | Fortinet | Fsw-424d-poe    | -       | All    | All     | All
Hardware         | Fortinet | Fsw-448d        | -       | All    | All     | All
Hardware         | Fortinet | Fsw-448d-fpoe   | -       | All    | All     | All
Hardware         | Fortinet | Fsw-448d-poe    | -       | All    | All     | All
Hardware         | Fortinet | Fsw-524d        | -       | All    | All     | All
Hardware         | Fortinet | Fsw-524d-fpoe   | -       | All    | All     | All
Hardware         | Fortinet | Fsw-548d        | -       | All    | All     | All
Hardware         | Fortinet | Fsw-548d-fpoe   | -       | All    | All     | All
Hardware         | Fortinet | Fsw-r-112d-poe  | -       | All    | All     | All
  • cpe:2.3:o:fortinet:fortiswitch:3.4.1:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-1024d:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-1048d:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-108d-poe:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-124d:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-124d-poe:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-224d-fpoe:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-224d-poe:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-248d-fpoe:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-248d-poe:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-3032d:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-424d:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-424d-fpoe:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-424d-poe:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-448d:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-448d-fpoe:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-448d-poe:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-524d:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-524d-fpoe:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-548d:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-548d-fpoe:-:*:*:*:*:*:*:*
  • cpe:2.3:h:fortinet:fsw-r-112d-poe:-:*:*:*:*:*:*:*
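The CPE list above only encodes two of the four conditions in the description: a FortiSwitch OS version of 3.4.1 running on one of the listed hardware models. The other two, FortiLink managed mode and reaching 3.4.1 by upgrade rather than by fresh install, are not expressible in CPE and have to come from the asset inventory. The script below is an added example (not NVD, Fortinet or cve.report code) that parses the page's CPE 2.3 strings into the vulnerable configuration and evaluates it against a constructed inventory; the Switch fields fortilink_managed and upgraded, the hostnames and the firmware values are assumptions made for illustration.

```python
"""Affected-configuration check for CVE-2016-4573 (added example).

Parses the CPE 2.3 strings from this page, builds the vulnerable
configuration (FortiSwitch OS 3.4.1 on a listed hardware model) and adds
the description's two non-CPE conditions (FortiLink managed mode, arrived
at 3.4.1 via upgrade) as inventory attributes.  Device data is constructed.
"""
from dataclasses import dataclass

# The page's CPE list (deduplicated). Components after the version are
# update, edition, language, sw_edition, target_sw, target_hw and other.
PAGE_CPES = """
cpe:2.3:o:fortinet:fortiswitch:3.4.1:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-1024d:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-1048d:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-108d-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-124d:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-124d-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-224d-fpoe:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-224d-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-248d-fpoe:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-248d-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-3032d:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-424d:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-424d-fpoe:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-424d-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-448d:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-448d-fpoe:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-448d-poe:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-524d:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-524d-fpoe:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-548d:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-548d-fpoe:-:*:*:*:*:*:*:*
cpe:2.3:h:fortinet:fsw-r-112d-poe:-:*:*:*:*:*:*:*
""".split()

_CPE_FIELDS = ("part", "vendor", "product", "version", "update", "edition",
               "language", "sw_edition", "target_sw", "target_hw", "other")


def parse_cpe(cpe: str) -> dict:
    """Split a CPE 2.3 formatted string into its 11 named components."""
    fields = cpe.split(":")
    if len(fields) != 13 or fields[0] != "cpe" or fields[1] != "2.3":
        raise ValueError(f"not a CPE 2.3 formatted string: {cpe}")
    return dict(zip(_CPE_FIELDS, fields[2:]))


def affected_configuration(cpes):
    """Return (set of vulnerable OS versions, set of hardware models)."""
    os_versions, models = set(), set()
    for cpe in cpes:
        c = parse_cpe(cpe)
        if c["vendor"] != "fortinet":
            continue
        if c["part"] == "o" and c["product"] == "fortiswitch":
            os_versions.add(c["version"])
        elif c["part"] == "h":
            models.add(c["product"])
    return os_versions, models


@dataclass
class Switch:
    hostname: str
    model: str              # as printed on the unit, e.g. "FSW-424D-FPOE"
    firmware: str           # FortiSwitch OS version
    fortilink_managed: bool  # assumption: inventory records FortiLink mode
    upgraded: bool          # assumption: True if 3.4.1 was reached by upgrade


def is_vulnerable(sw: Switch, os_versions, models) -> bool:
    """OS version AND hardware model (the CPE configuration) AND the two
    conditions from the description that CPE cannot express."""
    return (sw.firmware in os_versions
            and sw.model.lower() in models
            and sw.fortilink_managed
            and sw.upgraded)


# Constructed inventory, not real devices.
INVENTORY = [
    Switch("core-sw1", "FSW-424D-FPOE", "3.4.1", True, True),   # exposed
    Switch("core-sw2", "FSW-424D-FPOE", "3.4.1", False, True),  # standalone mode
    Switch("edge-sw1", "FSW-108D-POE", "3.4.2", True, True),    # not 3.4.1
    Switch("lab-sw1", "FSW-1024D", "3.4.1", True, False),       # fresh install
    Switch("dc-sw1", "FSW-3032D", "3.4.1", True, True),         # exposed
]


def exposed_hosts(inventory=INVENTORY, cpes=PAGE_CPES):
    """Hostnames that match every condition, sorted."""
    os_versions, models = affected_configuration(cpes)
    return sorted(s.hostname for s in inventory
                  if is_vulnerable(s, os_versions, models))


if __name__ == "__main__":
    print(exposed_hosts())  # ['core-sw1', 'dc-sw1']
```

Matching on the CPE pair alone would flag core-sw2 and lab-sw1 as well; that is the usual over-reporting from scanners that only see OS and model, and the reason the FortiLink and upgrade attributes are carried in the inventory rather than inferred from the CPE.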