{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T10:55:06.440","vulnerabilities":[{"cve":{"id":"CVE-2020-15936","sourceIdentifier":"psirt@fortinet.com","published":"2022-03-01T19:15:08.097","lastModified":"2024-11-21T05:06:29.380","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows attacker to disclose sensitive information via SNI Client Hello TLS packets."},{"lang":"es","value":"Una comprobaciĆ³n de entrada inapropiada en Fortinet FortiGate versiones 6.4.3 y anteriores, versiones 6.2.5 y anteriores, versiones 6.0.11 y anteriores, versiones 5.6.13 y anteriores, permite a un atacante revelar informaciĆ³n confidencial por medio de paquetes SNI Client Hello TLS."}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:N","baseScore":2.6,"baseSeverity":"LOW","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.0,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"5.6.0","versionEndIncluding":"5.6.13","matchCriteriaId":"7E239D7B-8B65-4639-9390-F62C5A584B18"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndIncluding":"6.0.11","matchCriteriaId":"91921D15-AC8B-4303-BF4B-32FC53B9EB53"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.0","versionEndIncluding":"6.2.5","matchCriteriaId":"A2B9C172-F8C6-416C-ADB9-AF893FB0A78C"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndIncluding":"6.4.3","matchCriteriaId":"FF4B21C8-D766-40AF-82F3-924210471D04"}]}]}],"references":[{"url":"https://fortiguard.com/advisory/FG-IR-20-091","source":"psirt@fortinet.com","tags":["Vendor Advisory"]},{"url":"https://fortiguard.com/advisory/FG-IR-20-091","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}