Lucene search
K

50 matches found

CNNVD
CNNVD
added 2021/10/05 12:0 a.m.6 views

Fortinet FortiWebManager 跨站脚本漏洞

Fortinet FortiWebManager is a web application firewall from Fortinet, Inc. A cross-site scripting vulnerability exists in Fortinet FortiWebManager versions 6.2.3 and 6.0.2 and below, which stems from a lack of checksum filtering of user-supplied and output data, and can be exploited by attackers ...

5.4CVSS5.2AI score0.0058EPSS
Exploits0References4
Fortinet
Fortinet
added 2021/10/05 12:0 a.m.35 views

FortiWebManager - Injection vulnerabilities

An improper neutralization of input vulnerability CWE-79 in FortiWebManager may allow a remote authenticated attacker to inject malicious script/tags via the name/description/comments parameter of various sections of the device...

3.5CVSS5.3AI score0.0058EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2017/11/30 12:0 a.m.3 views

Fortinet FortiWebManager Security Feature Bypass Vulnerability

Fortinet FortiWebManager is a web application firewall. A security feature bypass vulnerability exists in Fortinet FortiWebManager, which can be exploited by an attacker to bypass certain security restrictions and perform unauthorized operations...

10CVSS6.9AI score0.0278EPSS
Exploits0References1
NVD
NVD
added 2017/11/29 7:29 p.m.13 views

CVE-2017-14189

An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can access the admin webUI to successfully log-in regardless the provided password...

10CVSS9.4AI score0.0278EPSS
Exploits0References3
OSV
OSV
added 2017/11/29 7:29 p.m.4 views

CVE-2017-14189

An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can access the admin webUI to successfully log-in regardless the provided password...

9.8CVSS5.8AI score0.0278EPSS
Exploits0References3
Prion
Prion
added 2017/11/29 7:29 p.m.12 views

Improper access control

An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can access the admin webUI to successfully log-in regardless the provided password...

10CVSS9.3AI score0.0278EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2017/11/29 7:0 p.m.50 views

CVE-2017-14189

Summary: CVE-2017-14189 affects Fortinet FortiWebManager 5.8.0 where the admin login fails to verify the provided password, allowing login access to anyone who can reach the admin WebUI. The root cause is an improper access-control check in the login process. Public references include the FortiGu...

10CVSS9.3AI score0.0278EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2017/11/29 7:0 p.m.6 views

CVE-2017-14189

An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can access the admin webUI to successfully log-in regardless the provided password...

7.1AI score0.0278EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/11/29 7:0 p.m.19 views

CVE-2017-14189

An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can access the admin webUI to successfully log-in regardless the provided password...

9.4AI score0.0278EPSS
Exploits0References3
Fortinet
Fortinet
added 2017/11/22 12:0 a.m.29 views

FortiWebManager 5.8.0 improperly handles admin login access

FortiWebManager 5.8.0 fails to check the admin password, granting access regardless the provided string...

10CVSS2.8AI score0.0278EPSS
Exploits0Affected Software1
Rows per page
Query Builder