CVE-2019-5591: 
FortiOS vulnerability analysis and mitigation

A Default Configuration vulnerability (CVE-2019-5591) in FortiOS was disclosed that affects FortiOS 6.2.0 and below. The vulnerability allows an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server (NVD, FortiGuard).

The vulnerability has been assigned a CVSS v3 Base Score of 6.5 (Medium severity). The attack vector is Adjacent Network, requiring low attack complexity with no privileges or user interaction needed. The vulnerability primarily impacts confidentiality, with no direct effect on integrity or availability (AttackerKB).

If exploited, the vulnerability allows attackers to intercept sensitive information through LDAP server impersonation. This vulnerability has been identified as one of three vulnerabilities being actively exploited by Advanced Persistent Threat (APT) actors to gain initial access to multiple government, commercial, and technology services (CISA).

Organizations should upgrade to a version newer than FortiOS 6.2.0 to address this vulnerability. CISA encourages users and administrators to review Joint CSA AA21-092A and implement the recommended mitigations (FortiGuard).