Open Redirect Weakness in Fortinet FortiAnalyzer and FortiManager
CVE-2017-3126
6.1MEDIUM
Key Information:
- Vendor
Fortinet
- Vendor
- CVE Published:
- 27 May 2017
What is CVE-2017-3126?
An Open Redirect vulnerability exists in Fortinet’s FortiAnalyzer versions 5.4.0 to 5.4.2 and FortiManager versions 5.4.0 to 5.4.2. This flaw can be exploited by attackers to redirect users to malicious websites, allowing them to execute unauthorized code or commands through manipulation of the 'next' parameter. Organizations using these versions should take immediate steps to patch the vulnerability to mitigate potential security risks.
Affected Version(s)
Fortinet FortiAnalyzer, FortiManager FortiAnalyzer 5.4.2, 5.4.1, 5.4.0
Fortinet FortiAnalyzer, FortiManager FortiManager 5.4.2, 5.4.1, 5.4.0