VYPR
Critical severity9.8NVD Advisory· Published Jan 15, 2016· Updated Jun 17, 2026

CVE-2016-1909

CVE-2016-1909

Description

Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 and 5.0.x before 5.0.8 have a hardcoded passphrase for the Fortimanager_Access account, which allows remote attackers to obtain administrative access via an SSH session.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

13
  • Fortinet/Fortios11 versions
    cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*range: <=4.3.16
    • cpe:2.3:o:fortinet:fortios:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.0:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.3:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.4:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.5:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.6:*:*:*:*:*:*:*
    • cpe:2.3:o:fortinet:fortios:5.0.7:*:*:*:*:*:*:*
    • (no CPE)range: <4.1.11, <4.2.16, <4.3.17, <5.0.8
  • Range: <5.0.12, <5.2.5
  • Range: <3.3.3

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.