CVE-2019-6697

An Improper Neutralization of Input vulnerability affecting FortiGate version 6.2.0 through 6.2.1, 6.0.0 through 6.0.6 in the hostname parameter of a DHCP packet under DHCP monitor page may allow an unauthenticated attacker in the same network as the FortiGate to perform a Stored Cross Site Scripting attack (XSS) by sending a crafted DHCP packet.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://fortiguard.com/advisory/FG-IR-19-184	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:fortinet:fortios::::::::
	cpe:2.3:o:fortinet:fortios::::::::

History

24 Jul 2025, 20:15

Type	Values Removed	Values Added
First Time		Fortinet fortios Fortinet
CPE		cpe:2.3:o:fortinet:fortios::::::::
Summary		(es) Una vulnerabilidad de neutralización inadecuada de entrada que afecta a FortiGate versiones 6.2.0 a 6.2.1, 6.0.0 a 6.0.6 en el parámetro de nombre de host de un paquete DHCP en la página de monitoreo DHCP puede permitir que un atacante no autenticado en la misma red que FortiGate realice un ataque de cross site scripting (XSS) almacenado enviando un paquete DHCP manipulado.
References	~~() https://fortiguard.com/advisory/FG-IR-19-184 -~~	() https://fortiguard.com/advisory/FG-IR-19-184 - Vendor Advisory

17 Mar 2025, 14:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-17 14:15

Updated : 2025-07-24 20:15

NVD link : CVE-2019-6697

Mitre link : CVE-2019-6697

CVE.ORG link : CVE-2019-6697

JSON object : View

Products Affected

fortinet

fortios

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2019-6697", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@fortinet.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2025-03-17T14:15:16.567", "references": [{"url": "https://fortiguard.com/advisory/FG-IR-19-184", "tags": ["Vendor Advisory"], "source": "psirt@fortinet.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@fortinet.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "An Improper Neutralization of Input vulnerability affecting FortiGate version 6.2.0 through 6.2.1, 6.0.0 through 6.0.6 in the hostname parameter of a DHCP packet under DHCP monitor page may allow an unauthenticated attacker in the same network as the FortiGate to perform a Stored Cross Site Scripting attack (XSS) by sending a crafted DHCP packet."}, {"lang": "es", "value": "Una vulnerabilidad de neutralizaci\u00f3n inadecuada de entrada que afecta a FortiGate versiones 6.2.0 a 6.2.1, 6.0.0 a 6.0.6 en el par\u00e1metro de nombre de host de un paquete DHCP en la p\u00e1gina de monitoreo DHCP puede permitir que un atacante no autenticado en la misma red que FortiGate realice un ataque de cross site scripting (XSS) almacenado enviando un paquete DHCP manipulado."}], "lastModified": "2025-07-24T20:15:34.693", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A06EF27A-27FD-4C4D-8773-5A6217C6A6DB", "versionEndExcluding": "6.0.7", "versionStartIncluding": "6.0.0"}, {"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C41693AB-F242-42BC-91EE-70D4D0EC8B32", "versionEndExcluding": "6.2.2", "versionStartIncluding": "6.2.0"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@fortinet.com"}