CVE-2019-6698
Summary
| CVE | CVE-2019-6698 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-08-23 20:15:00 UTC |
| Updated | 2019-10-03 17:50:00 UTC |
| Description | Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of those, provided they are managed by a FortiRecorder device. |
Risk And Classification
Problem Types: CWE-798
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Fortinet | Fortirecorder 100d | - | All | All | All |
| Hardware | Fortinet | Fortirecorder 100d | - | All | All | All |
| Hardware | Fortinet | Fortirecorder 200d | - | All | All | All |
| Hardware | Fortinet | Fortirecorder 200d | - | All | All | All |
| Hardware | Fortinet | Fortirecorder 400d | - | All | All | All |
| Hardware | Fortinet | Fortirecorder 400d | - | All | All | All |
| Operating System | Fortinet | Fortirecorder Firmware | All | All | All | All |
| Operating System | Fortinet | Fortirecorder Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| FortiRecorder sets credentials of FortiCameras to static values | FortiGuard | CONFIRM | fortiguard.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.