Sign-up

ID

VAR-201607-0244


CVE

CVE-2016-5092


TITLE

Fortinet FortiWeb Vulnerable to directory traversal

Trust: 0.8

sources: JVNDB: JVNDB-2016-003761

DESCRIPTION

Directory traversal vulnerability in Fortinet FortiWeb before 5.5.3 allows remote authenticated administrators with read and write privileges to read arbitrary files by leveraging the autolearn feature. Fortinet FortiWeb is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker could exploit this vulnerability using directory-traversal characters ('../') to perform unauthorized actions. Versions prior to Fortinet FortiWeb 5.5.3 are vulnerable. Fortinet FortiWeb is a web application layer firewall developed by Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, etc., to ensure the security of web applications and protect sensitive database content. A directory traversal vulnerability exists in Fortinet FortiWeb versions 4.4.6 through 5.5.2

Trust: 1.98

sources: NVD: CVE-2016-5092 // JVNDB: JVNDB-2016-003761 // BID: 91771 // VULHUB: VHN-93911

AFFECTED PRODUCTS

vendor:fortinetmodel:fortiwebscope:lteversion:5.5.2

Trust: 1.0

vendor:fortinetmodel:fortiwebscope:eqversion:5.5.2

Trust: 0.9

vendor:fortinetmodel:fortiwebscope:ltversion:5.5.3

Trust: 0.8

vendor:fortinetmodel:fortiwebscope:eqversion:5.5.1

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:eqversion:5.5

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:eqversion:5.3.5

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:eqversion:5.3.4

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:eqversion:5.3.3

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:eqversion:5.3.2

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:eqversion:5.3.1

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:eqversion:5.1

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:eqversion:5.0.4

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:eqversion:5.0.3

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:eqversion:5.0.2

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:eqversion:5.0.1

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:eqversion:4.4.7

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:eqversion:4.4.6

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:eqversion:5.1.4

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:eqversion:5.1.3

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:eqversion:5.1.2

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:eqversion:5.1.1

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:eqversion:5.0.0

Trust: 0.3

vendor:fortinetmodel:fortiwebscope:neversion:5.5.3

Trust: 0.3

sources: BID: 91771 // JVNDB: JVNDB-2016-003761 // CNNVD: CNNVD-201606-584 // NVD: CVE-2016-5092

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-5092
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-5092
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201606-584
value: MEDIUM

Trust: 0.6

VULHUB: VHN-93911
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-5092
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-93911
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-5092
baseSeverity: MEDIUM
baseScore: 4.9
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.2
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-93911 // JVNDB: JVNDB-2016-003761 // CNNVD: CNNVD-201606-584 // NVD: CVE-2016-5092

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.9

sources: VULHUB: VHN-93911 // JVNDB: JVNDB-2016-003761 // NVD: CVE-2016-5092

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201606-584

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-201606-584

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-003761

PATCH
title:Fortiweb path traversal vulnerabilityurl:http://fortiguard.com/advisory/fortiweb-path-traversal-vulnerability
Trust: 0.8
title:Fortinet FortiWeb Repair measures for path traversal vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=62500
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2016-003761 // 
            
            
            
            CNNVD: CNNVD-201606-584

EXTERNAL IDS
db:NVDid:CVE-2016-5092
Trust: 2.8
db:JVNDBid:JVNDB-2016-003761
Trust: 0.8
db:CNNVDid:CNNVD-201606-584
Trust: 0.7
db:BIDid:91771
Trust: 0.4
db:VULHUBid:VHN-93911
Trust: 0.1
sources:
            
            
            VULHUB: VHN-93911 // 
            
            
            
            BID: 91771 // 
            
            
            
            JVNDB: JVNDB-2016-003761 // 
            
            
            
            CNNVD: CNNVD-201606-584 // 
            
            
            
            NVD: CVE-2016-5092

REFERENCES
url:http://fortiguard.com/advisory/fortiweb-path-traversal-vulnerability
Trust: 2.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5092
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5092
Trust: 0.8
url:http://www.fortinet.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-93911 // 
            
            
            
            BID: 91771 // 
            
            
            
            JVNDB: JVNDB-2016-003761 // 
            
            
            
            CNNVD: CNNVD-201606-584 // 
            
            
            
            NVD: CVE-2016-5092

CREDITS
Ewoud Vlasselaer from Dimension Data Belgium
Trust: 0.9
sources:
            
            
            BID: 91771 // 
            
            
            
            CNNVD: CNNVD-201606-584

SOURCES
db:VULHUBid:VHN-93911
db:BIDid:91771
db:JVNDBid:JVNDB-2016-003761
db:CNNVDid:CNNVD-201606-584
db:NVDid:CVE-2016-5092

LAST UPDATE DATE
2024-08-14T13:57:12.847000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-93911date:2016-07-14T00:00:00
db:BIDid:91771date:2016-05-26T00:00:00
db:JVNDBid:JVNDB-2016-003761date:2016-07-20T00:00:00
db:CNNVDid:CNNVD-201606-584date:2016-07-14T00:00:00
db:NVDid:CVE-2016-5092date:2016-07-14T15:17:42.967

SOURCES RELEASE DATE
db:VULHUBid:VHN-93911date:2016-07-13T00:00:00
db:BIDid:91771date:2016-05-26T00:00:00
db:JVNDBid:JVNDB-2016-003761date:2016-07-20T00:00:00
db:CNNVDid:CNNVD-201606-584date:2016-05-26T00:00:00
db:NVDid:CVE-2016-5092date:2016-07-13T15:59:06.857