Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27613 of 28129

CVE-2017-3126

Posted by Cyberthreat Blog | May 26, 2017 | CVE Notifications |

An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows attacker to execute unauthorized code or commands via the next parameter.

CVE-2017-7337

Posted by Cyberthreat Blog | May 26, 2017 | CVE Notifications |

An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to interact with unauthorized VDOMs or enumerate other ADOMs via another user’s stolen session and CSRF tokens or...

CVE-2017-3129

Posted by Cyberthreat Blog | May 26, 2017 | CVE Notifications |

A Cross-Site Scripting vulnerability in Fortinet FortiWeb versions 5.7.1 and below allows attacker to execute unauthorized code or commands via an improperly sanitized POST parameter in the FortiWeb Site Publisher feature.

CVE-2017-7338

Posted by Cyberthreat Blog | May 26, 2017 | CVE Notifications |

A password management vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to carry out information disclosure via the FortiAnalyzer Management View.

CVE-2017-3134

Posted by Cyberthreat Blog | May 26, 2017 | CVE Notifications |

An escalation of privilege vulnerability in Fortinet FortiWLC-SD versions 8.2.4 and below allows attacker to gain root access via the CLI command ‘copy running-config’.

Author: Cyberthreat Blog

CVE-2017-3126

CVE-2017-7337

CVE-2017-3129

CVE-2017-7338

CVE-2017-3134