CVE-2019-15711
First published: Thu Feb 06 2020(Updated: )
A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow an user with low privilege to run system commands under root privilege via injecting specially crafted "ExportLogs" type IPC client requests to the fctsched process.
Credit: psirt@fortinet.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortinet Forticlient | <=6.2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-15711?
CVE-2019-15711 is a privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below.
How does CVE-2019-15711 affect the FortiClient software?
CVE-2019-15711 may allow a user with low privilege to run system commands under root privilege via injecting specially crafted 'ExportLogs' type IPC client requests to the fctsched process.
What is the severity of CVE-2019-15711?
CVE-2019-15711 has a severity score of 7.8, which is considered high.
Which versions of FortiClient for Linux are affected by CVE-2019-15711?
FortiClient for Linux versions up to and including 6.2.1 are affected by CVE-2019-15711.
How can I fix CVE-2019-15711?
To fix CVE-2019-15711, it is recommended to update FortiClient for Linux to a version that is not affected by the vulnerability.
- collector/nvd-index
- agent/type
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/fortinet
- canonical/fortinet forticlient
- version/fortinet forticlient/6.2.1