CVE-2014-8582 - OpenCVE

FortiNet FortiADC-E with firmware 3.1.1 before 4.0.5 and Coyote Point Equalizer with firmware 10.2.0a allows remote attackers to obtain access to arbitrary subnets via unspecified vectors.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fortinet	Coyote Point Equalizer Coyote Point Equalizer Firmware Fortiadc-1000e Fortiadc-300e Fortiadc-400e Fortiadc-600e Fortiadc Firmware

Configuration 1 [-]

AND

cpe:2.3:o:fortinet:coyote_point_equalizer_firmware:10.2.0a:*:*:*:*:*:*:*

cpe:2.3:h:fortinet:coyote_point_equalizer:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:fortinet:fortiadc_firmware:3.1.1:::::::*
	cpe:2.3:o:fortinet:fortiadc_firmware:3.2.0:::::::*
	cpe:2.3:o:fortinet:fortiadc_firmware:3.2.1:::::::*
	cpe:2.3:o:fortinet:fortiadc_firmware:4.0.4:::::::*

OR	cpe:2.3:h:fortinet:fortiadc-1000e:-:::::::*
	cpe:2.3:h:fortinet:fortiadc-300e:-:::::::*
	cpe:2.3:h:fortinet:fortiadc-400e:-:::::::*
	cpe:2.3:h:fortinet:fortiadc-600e:-:::::::*

No data.

References

Link	Providers
http://docs.fortinet.com/uploaded/files/2164/FortiADC-E-4.0.5-GA-Release-Notes.pdf
http://secunia.com/advisories/61866
http://www.fortiguard.com/advisory/FG-IR-14-032/
https://exchange.xforce.ibmcloud.com/vulnerabilities/98384

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-11-01T23:00:00

Updated: 2024-08-06T13:26:00.755Z

Reserved: 2014-11-01T00:00:00

Link: CVE-2014-8582

Vulnrichment

No data.

NVD

Status : Modified

Published: 2014-11-01T23:55:09.823

Modified: 2017-09-08T01:29:25.153

Link: CVE-2014-8582

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-10-21T00:00:00", "descriptions": [{"lang": "en", "value": "FortiNet FortiADC-E with firmware 3.1.1 before 4.0.5 and Coyote Point Equalizer with firmware 10.2.0a allows remote attackers to obtain access to arbitrary subnets via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-07T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://docs.fortinet.com/uploaded/files/2164/FortiADC-E-4.0.5-GA-Release-Notes.pdf"}, {"name": "fortiadc-unauth-access(98384)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98384"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.fortiguard.com/advisory/FG-IR-14-032/"}, {"name": "61866", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/61866"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-8582", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "FortiNet FortiADC-E with firmware 3.1.1 before 4.0.5 and Coyote Point Equalizer with firmware 10.2.0a allows remote attackers to obtain access to arbitrary subnets via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://docs.fortinet.com/uploaded/files/2164/FortiADC-E-4.0.5-GA-Release-Notes.pdf", "refsource": "CONFIRM", "url": "http://docs.fortinet.com/uploaded/files/2164/FortiADC-E-4.0.5-GA-Release-Notes.pdf"}, {"name": "fortiadc-unauth-access(98384)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98384"}, {"name": "http://www.fortiguard.com/advisory/FG-IR-14-032/", "refsource": "CONFIRM", "url": "http://www.fortiguard.com/advisory/FG-IR-14-032/"}, {"name": "61866", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61866"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T13:26:00.755Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://docs.fortinet.com/uploaded/files/2164/FortiADC-E-4.0.5-GA-Release-Notes.pdf"}, {"name": "fortiadc-unauth-access(98384)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98384"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.fortiguard.com/advisory/FG-IR-14-032/"}, {"name": "61866", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/61866"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-8582", "datePublished": "2014-11-01T23:00:00", "dateReserved": "2014-11-01T00:00:00", "dateUpdated": "2024-08-06T13:26:00.755Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fortinet:coyote_point_equalizer_firmware:10.2.0a:*:*:*:*:*:*:*", "matchCriteriaId": "DC84FDDC-1990-4730-80A9-D8612C69C4DD", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:fortinet:coyote_point_equalizer:-:*:*:*:*:*:*:*", "matchCriteriaId": "ACAC0FC5-6E64-4092-B2FB-DE2AEF7D680B", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fortinet:fortiadc_firmware:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA8F97BF-61EA-4896-B490-349BEBAA050C", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortiadc_firmware:3.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "25B66E1A-93E2-4251-8953-3C82704D9DD3", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortiadc_firmware:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "985AD97D-669B-433C-975E-877B147503EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:fortinet:fortiadc_firmware:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "99162FEE-AFDF-44A5-9D66-D1BD65CDA8D0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:fortinet:fortiadc-1000e:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3C04FD0-F54D-461C-AB13-80557B838FB6", "vulnerable": true}, {"criteria": "cpe:2.3:h:fortinet:fortiadc-300e:-:*:*:*:*:*:*:*", "matchCriteriaId": "A7E75BFB-3DE5-4DB5-9C90-3AB9D22EBC08", "vulnerable": true}, {"criteria": "cpe:2.3:h:fortinet:fortiadc-400e:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1A8EE3A-31E1-44B5-AA2C-D6F2989C4B50", "vulnerable": true}, {"criteria": "cpe:2.3:h:fortinet:fortiadc-600e:-:*:*:*:*:*:*:*", "matchCriteriaId": "94593E5C-BCBC-4368-89E2-0372A17D9296", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "FortiNet FortiADC-E with firmware 3.1.1 before 4.0.5 and Coyote Point Equalizer with firmware 10.2.0a allows remote attackers to obtain access to arbitrary subnets via unspecified vectors."}, {"lang": "es", "value": "FortiNet FortiADC-E con firmware 3.1.1 anterior a 4.0.5 y Coyote Point Equalizer con firmware 10.2.0a permite a atacantes remotos obtener el acceso a subredes arbitrarios a trav\u00e9s de vectores no especificados."}], "id": "CVE-2014-8582", "lastModified": "2017-09-08T01:29:25.153", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-11-01T23:55:09.823", "references": [{"source": "cve@mitre.org", "url": "http://docs.fortinet.com/uploaded/files/2164/FortiADC-E-4.0.5-GA-Release-Notes.pdf"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/61866"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.fortiguard.com/advisory/FG-IR-14-032/"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98384"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}