CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2017-3133 – Fortinet FortiOS < 5.6.0 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-3133
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN. Una vulnerabilidad de tipo Cross-Site Scripting en Fortinet FortiOS en su versión 5.6.0 y anteriores permite que atacantes remotos ejecuten código o comandos sin autorización mediante el código HTML de los mensajes de reemplazo para SSL-VPN. FortiOS versions 5.6.0 and below suffer from multiple cross site scripting vulnerabilities. • https://www.exploit-db.com/exploits/42388 http://www.securityfocus.com/bid/100009 http://www.securitytracker.com/id/1039020 https://fortiguard.com/advisory/FG-IR-17-104 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 26EXPL: 0CVE-2017-3128
https://notcve.org/view.php?id=CVE-2017-3128
A stored XSS (Cross-Site-Scripting) vulnerability in Fortinet FortiOS allows attackers to execute unauthorized code or commands via the policy global-label parameter. Una vulnerabilidad tipo XSS (Cross-Site-Scripting) almacenado en FortiOS de Fortinet, permite a los atacantes ejecutar código o comandos no autorizados por medio del parámetro policy global-label. • http://www.securityfocus.com/bid/98514 http://www.securitytracker.com/id/1038541 https://fortiguard.com/psirt/FG-IR-17-057 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 26EXPL: 0CVE-2016-7541
https://notcve.org/view.php?id=CVE-2016-7541
Long lived sessions in Fortinet FortiGate devices with FortiOS 5.x before 5.4.0 could violate a security policy during IPS signature updates when the FortiGate's IPSengine is configured in flow mode. All FortiGate versions with IPS configured in proxy mode (the default mode) are not affected. Las sesiones de larga duración en dispositivos Fortinet FortiGate con FortiOS 5.x en versiones anteriores a 5.4.0 podría violar una política de seguridad durante las actualizaciones de firmas IPS cuando el IPSengine de FortiGate está configurado en modo de flujo. Todas las versiones FortiGate con IPS configurado en modo proxy (el modo predeterminado) no están afectadas. • http://fortiguard.com/advisory/FG-IR-16-088 http://www.securityfocus.com/bid/94477 • CWE-254: 7PK - Security Features •
CVSS: 6.1EPSS: 0%CPEs: 17EXPL: 0CVE-2016-3978
https://notcve.org/view.php?id=CVE-2016-3978
The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via the "redirect" parameter to "login." La Web User Interface (WebUI) en FortiOS 5.0.x en versiones anteriores a 5.0.13, 5.2.x en versiones anteriores a 5.2.3 y 5.4.x en versiones anteriores a 5.4.0 permite a atacantes remotos redirigir a usuarios a sitios web arbitrarios y llevar a cabo ataques de phishing o ataques de XSS a través del parámetro "redirect" en "login". • http://seclists.org/fulldisclosure/2016/Mar/68 http://www.fortiguard.com/advisory/fortios-open-redirect-vulnerability http://www.securitytracker.com/id/1035332 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 68%CPEs: 10EXPL: 4CVE-2016-1909 – Fortinet FortiGate 4.x < 5.0.7 - SSH Backdoor Access
https://notcve.org/view.php?id=CVE-2016-1909
Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 and 5.0.x before 5.0.8 have a hardcoded passphrase for the Fortimanager_Access account, which allows remote attackers to obtain administrative access via an SSH session. Fortinet FortiAnalyzer en versiones anteriores a 5.0.12 y 5.2.x en versiones anteriores a 5.2.5; FortiSwitch 3.3.x en versiones anteriores a 3.3.3; FortiCache 3.0.x en versiones anteriores a 3.0.8; y FortiOS 4.1.x en versiones anteriores a 4.1.11, 4.2.x en versiones anteriores a 4.2.16, 4.3.x en versiones anteriores a 4.3.17 y 5.0.x en versiones anteriores a 5.0.8 tienen una frase de contraseña embebida para la cuenta Fortimanager_Access, lo que permite a atacantes remotos obtener acceso administrativo a través de una sesión SSH. • https://www.exploit-db.com/exploits/43386 http://blog.fortinet.com/post/brief-statement-regarding-issues-found-with-fortios http://packetstormsecurity.com/files/135225/FortiGate-OS-5.0.7-SSH-Backdoor.html http://seclists.org/fulldisclosure/2016/Jan/26 http://www.fortiguard.com/advisory/multiple-products-ssh-undocumented-login-vulnerability http://www.securitytracker.com/id/1034663 https://twitter.com/esizkur/status/686842135501508608 https://www.exploit-db.com/exploits/39224 • CWE-264: Permissions, Privileges, and Access Controls •