CVE-2020-15936: 
FortiOS vulnerability analysis and mitigation

A vulnerability identified as CVE-2020-15936 was discovered in Fortinet FortiGate devices. The issue affects multiple versions including 6.4.3 and below, 6.2.5 and below, 6.0.11 and below, and 5.6.13 and below. The vulnerability stems from improper input validation that could allow an attacker to disclose sensitive information through SNI Client Hello TLS packets (NVD, CVE).

The vulnerability is classified as an Improper Input Validation (CWE-20) issue. According to the CVSS scoring, the NVD assigned a base score of 4.5 (MEDIUM) with the vector CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N, while Fortinet assessed it with a lower score of 2.6 (LOW) with the vector CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:N (NVD).

The vulnerability allows attackers to potentially disclose sensitive information through the manipulation of SNI Client Hello TLS packets. The impact is primarily focused on confidentiality, with high potential for information disclosure according to the NVD scoring (NVD).

Users should upgrade to versions newer than those affected (6.4.3, 6.2.5, 6.0.11, and 5.6.13) to address this vulnerability. The issue affects multiple FortiOS versions, and updating to the latest patched version is recommended (Fortinet Advisory).