CVE-2017-3131

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 and 5.6.0 allows attackers to execute unauthorized code or commands via the filter input in "Applications" under FortiView.
References
Link Resource
https://fortiguard.com/advisory/FG-IR-17-104 Mitigation Vendor Advisory
https://www.exploit-db.com/exploits/42388/ Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039020 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/100009 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:fortinet:fortios:5.4.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:*

Information

Published : 2017-09-11 19:29

Updated : 2017-09-15 05:46


NVD link : CVE-2017-3131

Mitre link : CVE-2017-3131


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

fortinet

  • fortios