ID

VAR-201604-0105

CVE

CVE-2016-3978


TITLE

Vulnerability in the FortiOS Web User Interface that allows users to be redirected to arbitrary Web sites

Trust: 0.8

sources: JVNDB: JVNDB-2016-002059

DESCRIPTION

The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via the "redirect" parameter to "login". Fortinet FortiOS is a security operating system developed by Fortinet for its FortiGate network security platform; it provides security functions such as firewall, anti-virus, IPsec/SSL VPN, Web content filtering and anti-spam. The following versions are affected: Fortinet FortiOS 5.0.x prior to 5.0.13, 5.2.x prior to 5.2.3, and 5.4.x prior to 5.4.0.

Trust: 1.8

sources: NVD: CVE-2016-3978 // JVNDB: JVNDB-2016-002059 // VULHUB: VHN-92797 // VULMON: CVE-2016-3978

AFFECTED PRODUCTS

vendor: fortinet, model: fortios, scope: eq, version: 5.0.3

Trust: 1.6

vendor: fortinet, model: fortios, scope: eq, version: 5.0.10

Trust: 1.6

vendor: fortinet, model: fortios, scope: eq, version: 5.0.11

Trust: 1.6

vendor: fortinet, model: fortios, scope: eq, version: 5.0.4

Trust: 1.6

vendor: fortinet, model: fortios, scope: eq, version: 5.0.9

Trust: 1.6

vendor: fortinet, model: fortios, scope: eq, version: 5.0.12

Trust: 1.6

vendor: fortinet, model: fortios, scope: eq, version: 5.0.5

Trust: 1.6

vendor: fortinet, model: fortios, scope: eq, version: 5.0.7

Trust: 1.6

vendor: fortinet, model: fortios, scope: eq, version: 5.0.6

Trust: 1.6

vendor: fortinet, model: fortios, scope: eq, version: 5.0.8

Trust: 1.6

vendor: fortinet, model: fortios, scope: eq, version: 5.0.1

Trust: 1.0

vendor: fortinet, model: fortios, scope: eq, version: 5.0.0

Trust: 1.0

vendor: fortinet, model: fortios, scope: eq, version: 5.2.0

Trust: 1.0

vendor: fortinet, model: fortios, scope: eq, version: 5.2.2

Trust: 1.0

vendor: fortinet, model: fortios, scope: eq, version: 5.2.1

Trust: 1.0

vendor: fortinet, model: fortios, scope: eq, version: 5.0.2

Trust: 1.0

vendor: fortinet, model: fortios, scope: eq, version: 5.4

Trust: 1.0

vendor: fortinet, model: fortios, scope: eq, version: 5.0.13

Trust: 0.8

vendor: fortinet, model: fortios, scope: eq, version: 5.4.0

Trust: 0.8

vendor: fortinet, model: fortios, scope: lt, version: 5.4.x

Trust: 0.8

vendor: fortinet, model: fortios, scope: lt, version: 5.2.x

Trust: 0.8

vendor: fortinet, model: fortios, scope: lt, version: 5.0.x

Trust: 0.8

vendor: fortinet, model: fortios, scope: eq, version: 5.2.3

Trust: 0.8

sources: JVNDB: JVNDB-2016-002059 // CNNVD: CNNVD-201604-131 // NVD: CVE-2016-3978

CVSS

SEVERITY

nvd@nist.gov: CVE-2016-3978
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-3978
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201604-131
value: MEDIUM

Trust: 0.6

VULHUB: VHN-92797
value: MEDIUM

Trust: 0.1

VULMON: CVE-2016-3978
value: MEDIUM

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2016-3978
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-92797
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

CVSSV3

nvd@nist.gov: CVE-2016-3978
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.7
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-92797 // VULMON: CVE-2016-3978 // JVNDB: JVNDB-2016-002059 // CNNVD: CNNVD-201604-131 // NVD: CVE-2016-3978

PROBLEMTYPE DATA

problemtype: CWE-79

Trust: 1.9

sources: VULHUB: VHN-92797 // JVNDB: JVNDB-2016-002059 // NVD: CVE-2016-3978

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201604-131

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201604-131

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-002059

PATCH

title: FortiOS open redirect vulnerability
url: https://fortiguard.com/advisory/fortios-open-redirect-vulnerability

Trust: 0.8

title: Fortinet FortiOS Web User Interface Security vulnerabilities
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60856

Trust: 0.6

title: Kenzer Templates [5170] [DEPRECATED]
url: https://github.com/ARPSyndicate/kenzer-templates

Trust: 0.1

sources: VULMON: CVE-2016-3978 // JVNDB: JVNDB-2016-002059 // CNNVD: CNNVD-201604-131

EXTERNAL IDS

db: NVD, id: CVE-2016-3978

Trust: 2.6

db: SECTRACK, id: 1035332

Trust: 1.8

db: JVNDB, id: JVNDB-2016-002059

Trust: 0.8

db: CNNVD, id: CNNVD-201604-131

Trust: 0.6

db: BID, id: 84429

Trust: 0.1

db: VULHUB, id: VHN-92797

Trust: 0.1

db: VULMON, id: CVE-2016-3978

Trust: 0.1

sources: VULHUB: VHN-92797 // VULMON: CVE-2016-3978 // JVNDB: JVNDB-2016-002059 // CNNVD: CNNVD-201604-131 // NVD: CVE-2016-3978

REFERENCES

url: http://www.fortiguard.com/advisory/fortios-open-redirect-vulnerability

Trust: 1.8

url: http://seclists.org/fulldisclosure/2016/mar/68

Trust: 1.8

url: http://www.securitytracker.com/id/1035332

Trust: 1.8

url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-3978

Trust: 0.8

url: http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-3978

Trust: 0.8

url: https://cwe.mitre.org/data/definitions/79.html

Trust: 0.1

url: https://nvd.nist.gov

Trust: 0.1

url: https://github.com/arpsyndicate/kenzer-templates

Trust: 0.1

sources: VULHUB: VHN-92797 // VULMON: CVE-2016-3978 // JVNDB: JVNDB-2016-002059 // CNNVD: CNNVD-201604-131 // NVD: CVE-2016-3978

SOURCES

db: VULHUB, id: VHN-92797
db: VULMON, id: CVE-2016-3978
db: JVNDB, id: JVNDB-2016-002059
db: CNNVD, id: CNNVD-201604-131
db: NVD, id: CVE-2016-3978

LAST UPDATE DATE

2024-08-14T15:13:44.057000+00:00

SOURCES UPDATE DATE

db: VULHUB, id: VHN-92797, date: 2016-04-14T00:00:00
db: VULMON, id: CVE-2016-3978, date: 2016-04-14T00:00:00
db: JVNDB, id: JVNDB-2016-002059, date: 2016-04-18T00:00:00
db: CNNVD, id: CNNVD-201604-131, date: 2016-04-11T00:00:00
db: NVD, id: CVE-2016-3978, date: 2016-04-14T14:22:02.307

SOURCES RELEASE DATE

db: VULHUB, id: VHN-92797, date: 2016-04-08T00:00:00
db: VULMON, id: CVE-2016-3978, date: 2016-04-08T00:00:00
db: JVNDB, id: JVNDB-2016-002059, date: 2016-04-18T00:00:00
db: CNNVD, id: CNNVD-201604-131, date: 2016-04-11T00:00:00
db: NVD, id: CVE-2016-3978, date: 2016-04-08T14:59:07.913