1. Home
  2. CVE Database
  3. CVE-2019-6698
CRITICAL · 9.8

CVE-2019-6698

Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to Forti...

Vulnerability Description

Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to FortiCameras to take control of those, provided they are managed by a FortiRecorder device.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
FortinetFortirecorder Firmware< 2.7.4
FortinetFortirecorder 100D-
FortinetFortirecorder 200D-
FortinetFortirecorder 400D-

Related Weaknesses (CWE)

CWE-798

References

FAQ

What is CVE-2019-6698?

CVE-2019-6698 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow an unauthenticated attacker with knowledge of the aforementioned credentials and network access to Forti...

How severe is CVE-2019-6698?

CVE-2019-6698 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2019-6698?

Check the references section above for vendor advisories and patch information. Affected products include: Fortinet Fortirecorder Firmware, Fortinet Fortirecorder 100D, Fortinet Fortirecorder 200D, Fortinet Fortirecorder 400D.