Details of VAR-201508-0594

ID

VAR-201508-0594

CVE

CVE-2015-3626

TITLE

FortiGate Runs on the device FortiGate of DHCP Monitor of Web User interface (WebUI) Page cross-site scripting vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2015-004042

DESCRIPTION

Cross-site scripting (XSS) vulnerability in the DHCP Monitor page in the Web User Interface (WebUI) in Fortinet FortiOS before 5.2.4 on FortiGate devices allows remote attackers to inject arbitrary web script or HTML via a crafted hostname. FortiOS is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Successful exploits will result in the execution of arbitrary attacker-supplied HTML and script code in the context of the affected application, potentially allowing the attacker to steal cookie-based authentication credentials or control how the page is rendered to the user. Other attacks are also possible. Fortinet FortiOS is a set of security operating systems developed by Fortinet Corporation for the FortiGate network security platform. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSL VPN, Web content filtering and anti-spam

Trust: 2.07

sources: NVD: CVE-2015-3626 // JVNDB: JVNDB-2015-004042 // BID: 76046 // VULHUB: VHN-81587 // VULMON: CVE-2015-3626

AFFECTED PRODUCTS

vendor:	fortinet	model:	fortios	scope:	lte	version:	5.2.3	Trust: 1.0
vendor:	fortinet	model:	fortios	scope:	lt	version:	5.2.4	Trust: 0.8
vendor:	fortinet	model:	fortios	scope:	eq	version:	5.2.3	Trust: 0.6

sources: JVNDB: JVNDB-2015-004042 // CNNVD: CNNVD-201507-782 // NVD: CVE-2015-3626

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-3626
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-3626
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201507-782
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-81587
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2015-3626
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-3626
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-81587
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-81587 // VULMON: CVE-2015-3626 // JVNDB: JVNDB-2015-004042 // CNNVD: CNNVD-201507-782 // NVD: CVE-2015-3626

PROBLEMTYPE DATA

problemtype:

CWE-79

Trust: 1.9

sources: VULHUB: VHN-81587 // JVNDB: JVNDB-2015-004042 // NVD: CVE-2015-3626

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201507-782

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201507-782

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-004042

PATCH

title:

XSS vulnerability in FortiGate DHCP monitor WebUI page

url:

http://www.fortiguard.com/advisory/FG-IR-15-018/

Trust: 0.8

sources: JVNDB: JVNDB-2015-004042

EXTERNAL IDS

db:	NVD	id:	CVE-2015-3626	Trust: 2.9
db:	SECTRACK	id:	1033144	Trust: 1.8
db:	BID	id:	76046	Trust: 1.0
db:	JVNDB	id:	JVNDB-2015-004042	Trust: 0.8
db:	CNNVD	id:	CNNVD-201507-782	Trust: 0.7
db:	VULHUB	id:	VHN-81587	Trust: 0.1
db:	VULMON	id:	CVE-2015-3626	Trust: 0.1

sources: VULHUB: VHN-81587 // VULMON: CVE-2015-3626 // BID: 76046 // JVNDB: JVNDB-2015-004042 // CNNVD: CNNVD-201507-782 // NVD: CVE-2015-3626

REFERENCES

url:	http://www.fortiguard.com/advisory/fg-ir-15-018/	Trust: 1.8
url:	http://www.securitytracker.com/id/1033144	Trust: 1.8
url:	http://www.fortiguard.com/advisory/dhcp-hostname-html-injection	Trust: 1.5
url:	http://fortiguard.com/advisory/dhcp-hostname-html-injection	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3626	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3626	Trust: 0.8
url:	http://www.securityfocus.com/bid/76046	Trust: 0.6
url:	https://www.fortinet.com/	Trust: 0.3
url:	www.fortiguard.com/advisory/fg-ir-15-018/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/79.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=40233	Trust: 0.1

sources: VULHUB: VHN-81587 // VULMON: CVE-2015-3626 // BID: 76046 // JVNDB: JVNDB-2015-004042 // CNNVD: CNNVD-201507-782 // NVD: CVE-2015-3626

CREDITS

Ziv Kamir

Trust: 0.9

sources: BID: 76046 // CNNVD: CNNVD-201507-782

SOURCES

db:	VULHUB	id:	VHN-81587
db:	VULMON	id:	CVE-2015-3626
db:	BID	id:	76046
db:	JVNDB	id:	JVNDB-2015-004042
db:	CNNVD	id:	CNNVD-201507-782
db:	NVD	id:	CVE-2015-3626

LAST UPDATE DATE

2024-08-14T14:52:19.108000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-81587	date:	2016-12-03T00:00:00
db:	VULMON	id:	CVE-2015-3626	date:	2016-12-03T00:00:00
db:	BID	id:	76046	date:	2016-07-06T14:00:00
db:	JVNDB	id:	JVNDB-2015-004042	date:	2015-08-12T00:00:00
db:	CNNVD	id:	CNNVD-201507-782	date:	2015-08-12T00:00:00
db:	NVD	id:	CVE-2015-3626	date:	2016-12-03T03:09:28.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-81587	date:	2015-08-11T00:00:00
db:	VULMON	id:	CVE-2015-3626	date:	2015-08-11T00:00:00
db:	BID	id:	76046	date:	2015-07-24T00:00:00
db:	JVNDB	id:	JVNDB-2015-004042	date:	2015-08-12T00:00:00
db:	CNNVD	id:	CNNVD-201507-782	date:	2015-07-29T00:00:00
db:	NVD	id:	CVE-2015-3626	date:	2015-08-11T14:59:09.180