Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27891 of 28407

CVE-2017-7337

Posted by Cyberthreat Blog | May 26, 2017 | CVE Notifications |

An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to interact with unauthorized VDOMs or enumerate other ADOMs via another user’s stolen session and CSRF tokens or...

CVE-2017-3129

Posted by Cyberthreat Blog | May 26, 2017 | CVE Notifications |

A Cross-Site Scripting vulnerability in Fortinet FortiWeb versions 5.7.1 and below allows attacker to execute unauthorized code or commands via an improperly sanitized POST parameter in the FortiWeb Site Publisher feature.

CVE-2017-7338

Posted by Cyberthreat Blog | May 26, 2017 | CVE Notifications |

A password management vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to carry out information disclosure via the FortiAnalyzer Management View.

CVE-2017-3134

Posted by Cyberthreat Blog | May 26, 2017 | CVE Notifications |

An escalation of privilege vulnerability in Fortinet FortiWLC-SD versions 8.2.4 and below allows attacker to gain root access via the CLI command ‘copy running-config’.

CVE-2017-7339

Posted by Cyberthreat Blog | May 26, 2017 | CVE Notifications |

A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to execute unauthorized code or commands via the ‘Name’ and ‘Description’ inputs in the ‘Add...

Author: Cyberthreat Blog

CVE-2017-7337

CVE-2017-3129

CVE-2017-7338

CVE-2017-3134

CVE-2017-7339