CVE-2014-2723

In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH defect.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
fortinetfortibalancer_400_firmware
*
fortinetfortibalancer_1000_firmware
*
fortinetfortibalancer_2000_firmware
*
fortinetfortibalancer_3000_firmware
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://fortiguard.com/advisory/FG-IR-14-010
https://fortiguard.com/advisory/FG-IR-14-010