Test ID:	1.3.6.1.4.1.25623.1.0.105507
Category:	FortiOS Local Security Checks
Title:	Fortinet FortiOS SSH Undocumented Interactive Login Vulnerability (FG-IR-16-001) - Version Check
Summary:	An undocumented account used for communication with authorized; FortiManager devices exists on some versions of FortiOS.
Description:	Summary: An undocumented account used for communication with authorized FortiManager devices exists on some versions of FortiOS. Vulnerability Insight: On vulnerable versions, and provided 'Administrative Access' is enabled for SSH, this account can be used to log in via SSH in Interactive-Keyboard mode, using a password shared across all devices. It gives access to a CLI console with administrative rights. Vulnerability Impact: Successful exploitation would allow remote console access to vulnerable devices with 'Administrative Access' enabled for SSH. Affected Software/OS: Fortinet FortiOS version 4.1.0 through 4.1.10, 4.2.0 through 4.2.15, 4.3.0 through 4.3.16 and 5.0.0 through 5.0.7. Solution: Update FortiOS to version 4.1.11, 4.2.16, 4.3.17, 5.0.8, 5.2.0, 5.4.0 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1909 https://www.exploit-db.com/exploits/39224/ http://seclists.org/fulldisclosure/2016/Jan/26 http://packetstormsecurity.com/files/135225/FortiGate-OS-5.0.7-SSH-Backdoor.html https://twitter.com/esizkur/status/686842135501508608 http://www.securitytracker.com/id/1034663
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.