CVSS: 5.4EPSS: 0%CPEs: 25EXPL: 0CVE-2016-3196
https://notcve.org/view.php?id=CVE-2016-3196
Cross-site scripting (XSS) vulnerability in Fortinet FortiAnalyzer 5.x before 5.0.12 and 5.2.x before 5.2.6 and FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.6 allows remote authenticated users to inject arbitrary web script or HTML via the filename of an image uploaded in the report section. Vulnerabilidad de XSS en Fortinet FortiAnalyzer 5.x en versiones anteriores a 5.0.12 y 5.2.x en versiones anteriores a 5.2.6 y FortiManager 5.x en versiones anteriores a 5.0.12 y 5.2.x en versiones anteriores a 5.2.6 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través del nombre de archivo de una imagen cargada en la sección del informe. • http://fortiguard.com/advisory/fortimanager-and-fortianalyzer-persistent-xss-vulnerability http://seclists.org/fulldisclosure/2016/Aug/4 http://www.securityfocus.com/archive/1/539069/100/0/threaded http://www.securityfocus.com/bid/92203 http://www.securitytracker.com/id/1036550 http://www.securitytracker.com/id/1036551 http://www.vulnerability-lab.com/get_content.php?id=1687 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4066
https://notcve.org/view.php?id=CVE-2016-4066
Cross-site request forgery (CSRF) vulnerability in Fortinet FortiWeb before 5.5.3 allows remote attackers to hijack the authentication of administrators for requests that change the password via unspecified vectors. Vulnerabilidad de CSRF en Fortinet FortiWeb en versiones anteriores a 5.5.3 permite a atacantes remotos secuestrar la autenticación de administradores para peticiones de cambio de contraseña a través de vectores no especificados. • http://fortiguard.com/advisory/fortiweb-csrf-vulnerability http://www.securityfocus.com/bid/91768 http://www.securitytracker.com/id/1036194 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5092
https://notcve.org/view.php?id=CVE-2016-5092
Directory traversal vulnerability in Fortinet FortiWeb before 5.5.3 allows remote authenticated administrators with read and write privileges to read arbitrary files by leveraging the autolearn feature. Vulnerabilidad de salto de directorio en Fortinet FortiWeb en versiones anteriores a 5.5.3 permite a administradores remotos autenticados con privilegios de lectura y escritura leer archivos arbitrarios mediante el aprovechamiento de una función de aprendizaje automático. • http://fortiguard.com/advisory/fortiweb-path-traversal-vulnerability • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 17EXPL: 0CVE-2016-3978
https://notcve.org/view.php?id=CVE-2016-3978
The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via the "redirect" parameter to "login." La Web User Interface (WebUI) en FortiOS 5.0.x en versiones anteriores a 5.0.13, 5.2.x en versiones anteriores a 5.2.3 y 5.4.x en versiones anteriores a 5.4.0 permite a atacantes remotos redirigir a usuarios a sitios web arbitrarios y llevar a cabo ataques de phishing o ataques de XSS a través del parámetro "redirect" en "login". • http://seclists.org/fulldisclosure/2016/Mar/68 http://www.fortiguard.com/advisory/fortios-open-redirect-vulnerability http://www.securitytracker.com/id/1035332 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 68%CPEs: 10EXPL: 4CVE-2016-1909 – Fortinet FortiGate 4.x < 5.0.7 - SSH Backdoor Access
https://notcve.org/view.php?id=CVE-2016-1909
Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 and 5.0.x before 5.0.8 have a hardcoded passphrase for the Fortimanager_Access account, which allows remote attackers to obtain administrative access via an SSH session. Fortinet FortiAnalyzer en versiones anteriores a 5.0.12 y 5.2.x en versiones anteriores a 5.2.5; FortiSwitch 3.3.x en versiones anteriores a 3.3.3; FortiCache 3.0.x en versiones anteriores a 3.0.8; y FortiOS 4.1.x en versiones anteriores a 4.1.11, 4.2.x en versiones anteriores a 4.2.16, 4.3.x en versiones anteriores a 4.3.17 y 5.0.x en versiones anteriores a 5.0.8 tienen una frase de contraseña embebida para la cuenta Fortimanager_Access, lo que permite a atacantes remotos obtener acceso administrativo a través de una sesión SSH. • https://www.exploit-db.com/exploits/43386 http://blog.fortinet.com/post/brief-statement-regarding-issues-found-with-fortios http://packetstormsecurity.com/files/135225/FortiGate-OS-5.0.7-SSH-Backdoor.html http://seclists.org/fulldisclosure/2016/Jan/26 http://www.fortiguard.com/advisory/multiple-products-ssh-undocumented-login-vulnerability http://www.securitytracker.com/id/1034663 https://twitter.com/esizkur/status/686842135501508608 https://www.exploit-db.com/exploits/39224 https://seclists.org/ • CWE-264: Permissions, Privileges, and Access Controls •