CVE-2019-17659

A use of hard-coded cryptographic key vulnerability in FortiSIEM version 5.2.6 may allow a remote unauthenticated attacker to obtain SSH access to the supervisor as the restricted user "tunneluser" by leveraging knowledge of the private key from another installation or a firmware image.

CVSS v3 3.7 LOW

3.7^/10

CVSS v3 : LOW

Vector :

Exploitability : 2.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://fortiguard.fortinet.com/psirt/FG-IR-19-296	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-03-17 14:15

Updated : 2025-07-15 16:48

NVD link : CVE-2019-17659

Mitre link : CVE-2019-17659

CVE.ORG link : CVE-2019-17659

JSON object : View

Products Affected

fortinet

fortisiem

CWE

CWE-798

Use of Hard-coded Credentials

{"id": "CVE-2019-17659", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.2}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2025-03-17T14:15:16.360", "references": [{"url": "https://fortiguard.fortinet.com/psirt/FG-IR-19-296", "tags": ["Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "A use of hard-coded cryptographic key vulnerability in FortiSIEM version 5.2.6 may allow a remote unauthenticated attacker to obtain SSH access to the supervisor as the restricted user \"tunneluser\" by leveraging knowledge of the private key from another installation or a firmware image."}, {"lang": "es", "value": "Una vulnerabilidad en el uso de una clave criptogr\u00e1fica codificada en FortiSIEM versi\u00f3n 5.2.6 puede permitir que un atacante remoto no autenticado obtenga acceso SSH al supervisor como el usuario restringido \"tunneluser\" aprovechando el conocimiento de la clave privada de otra instalaci\u00f3n o una imagen de firmware."}], "lastModified": "2025-07-15T16:48:48.100", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortisiem:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C961C610-69DC-495B-BEA0-203F0A2AD0C1", "versionEndExcluding": "5.2.7"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}