Cross-site Scripting Vulnerability in Fortinet FortiManager and FortiAnalyzer
CVE-2016-3194

6.1MEDIUM

Key Information:

Vendor
Fortinet
Status
Fortimanager Firmware
Vendor
CVE Published:
19 August 2016

Summary

A cross-site scripting (XSS) vulnerability exists in Fortinet's FortiManager and FortiAnalyzer. This security flaw allows remote attackers to inject arbitrary web scripts or HTML code into affected systems via various unspecified methods. This vulnerability can potentially compromise the security posture of systems utilizing these products, highlighting the importance of timely updates and security practices.

References

http://www.securitytracker.com/id/1036550
vdb-entryx_refsource_SECTRACK
http://fortiguard.com/advisory/fortimanager-and-fortianal...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/92456
vdb-entryx_refsource_BID

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.