Advertisement






Fortinet Product Series Multiple Vulnerabilities

CVE Category Price Severity
CVE-2016-3196 CWE-20 Not disclosed High
Author Risk Exploitation Type Date
Ezequiel Fernandez (Onapsis Research Labs) Critical Remote 2016-08-24
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2016080224

Below is a copy:

Fortinet Product Series Multiple VulnerabilitiesFortiGuard Fortinet - Security Bulletins:
http://fortiguard.com/advisory/forticloud-cross-site-script-persistent-web-vulnerabilities
http://fortiguard.com/advisory/fortivoice-5-0-filter-bypass-persistent-web-vulnerabilities
http://fortiguard.com/advisory/fortimanager-and-fortianalyzer-persistent-xss-vulnerability-1
http://fortiguard.com/advisory/fortimanager-and-fortianalyzer-xss-vulnerability
http://fortiguard.com/advisory/fortimanager-and-fortianalyzer-client-side-xss-vulnerability
http://fortiguard.com/advisory/fortimanager-and-fortianalyzer-persistent-xss-vulnerability

CVE-IDs:  CVE-2016-3196 ; CVE-2016-3195 ; CVE-2016-3194 & CVE-2016-3193

Vulnerability Lab - Security Advisories:
http://www.vulnerability-lab.com/get_content.php?id=1687
http://www.vulnerability-lab.com/get_content.php?id=1684
http://www.vulnerability-lab.com/get_content.php?id=1686
http://www.vulnerability-lab.com/get_content.php?id=1685
http://www.vulnerability-lab.com/get_content.php?id=1735
http://www.vulnerability-lab.com/get_content.php?id=1842


Reference Article:
http://www.securityweek.com/vulnerabilities-found-several-fortinet-products
http://magazine.vulnerability-db.com/?q=articles/2016/08/08/fortinet-patches-series-remote-vulnerabilities-appliance-products

Comments:
Thanks to the fortinet psirt security department in the usa for
coordinating the disclosure process!

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum