Details of VAR-201608-0276

ID

VAR-201608-0276

CVE

CVE-2016-3193

TITLE

Fortinet FortiManager and FortiAnalyzer Of appliance Web Application cross-site scripting vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2016-004418

DESCRIPTION

Cross-site scripting (XSS) vulnerability in the appliance web-application in Fortinet FortiManager 5.x before 5.0.12, 5.2.x before 5.2.6, and 5.4.x before 5.4.1 and FortiAnalyzer 5.x before 5.0.13, 5.2.x before 5.2.6, and 5.4.x before 5.4.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. FortiManager and FortiAnalyzer are prone to an HTML injection vulnerability because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible. Both Fortinet FortiManager and FortiAnalyzer are products of Fortinet. Fortinet FortiManager is a centralized network security management solution. FortiAnalyzer is a centralized network security reporting solution. A cross-site scripting vulnerability exists in the web-application in Fortinet FortiManager and FortiAnalyzer. The following versions are affected: Fortinet FortiManager 5.x prior to 5.0.12, 5.2.x prior to 5.2.6, 5.4.x prior to 5.4.1; FortiAnalyzer 5.x prior to 5.0.13, 5.2. 5.2.x prior to 6, 5.4.x prior to 5.4.1

Trust: 1.98

sources: NVD: CVE-2016-3193 // JVNDB: JVNDB-2016-004418 // BID: 92458 // VULHUB: VHN-92012

AFFECTED PRODUCTS

vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.2.5	Trust: 1.9
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.2.2	Trust: 1.9
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.2.1	Trust: 1.9
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.0.11	Trust: 1.9
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.0.10	Trust: 1.9
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.2.4	Trust: 1.6
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.2.0	Trust: 1.6
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.0.12	Trust: 1.6
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.2.3	Trust: 1.6
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.0.0	Trust: 1.6
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.2.5	Trust: 1.3
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.2.2	Trust: 1.3
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.2.1	Trust: 1.3
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.0.11	Trust: 1.3
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.0.10	Trust: 1.3
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.0.9	Trust: 1.3
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.0.8	Trust: 1.3
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.0.7	Trust: 1.3
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.0.6	Trust: 1.3
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.0.5	Trust: 1.3
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.0.4	Trust: 1.3
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.0.3	Trust: 1.3
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.0.2	Trust: 1.3
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.0.1	Trust: 1.3
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.2.4	Trust: 1.3
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.2.3	Trust: 1.3
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.0.9	Trust: 1.3
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.0.7	Trust: 1.3
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.0.5	Trust: 1.3
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.0.4	Trust: 1.3
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.0.8	Trust: 1.0
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.0.2	Trust: 1.0
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.0.3	Trust: 1.0
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.0.0	Trust: 1.0
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.0.6	Trust: 1.0
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.2.0	Trust: 1.0
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.4.0	Trust: 1.0
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.4.0	Trust: 1.0
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.0.13	Trust: 0.8
vendor:	fortinet	model:	fortianalyzer	scope:	lt	version:	5.x	Trust: 0.8
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.4.1	Trust: 0.8
vendor:	fortinet	model:	fortimanager	scope:	lt	version:	5.x	Trust: 0.8
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.4.1	Trust: 0.8
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.2.6	Trust: 0.8
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.2.6	Trust: 0.8
vendor:	fortinet	model:	fortianalyzer	scope:	lt	version:	5.4.x	Trust: 0.8
vendor:	fortinet	model:	fortimanager	scope:	lt	version:	5.4.x	Trust: 0.8
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.0.12	Trust: 0.8
vendor:	fortinet	model:	fortianalyzer	scope:	lt	version:	5.2.x	Trust: 0.8
vendor:	fortinet	model:	fortimanager	scope:	lt	version:	5.2.x	Trust: 0.8
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.4	Trust: 0.3
vendor:	fortinet	model:	fortimanager	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.4	Trust: 0.3
vendor:	fortinet	model:	fortianalyzer	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fortinet	model:	fortimanager	scope:	ne	version:	5.4.1	Trust: 0.3
vendor:	fortinet	model:	fortimanager	scope:	ne	version:	5.2.6	Trust: 0.3
vendor:	fortinet	model:	fortimanager	scope:	ne	version:	5.0.12	Trust: 0.3
vendor:	fortinet	model:	fortianalyzer	scope:	ne	version:	5.4.1	Trust: 0.3
vendor:	fortinet	model:	fortianalyzer	scope:	ne	version:	5.2.6	Trust: 0.3
vendor:	fortinet	model:	fortianalyzer	scope:	ne	version:	5.0.13	Trust: 0.3

sources: BID: 92458 // JVNDB: JVNDB-2016-004418 // CNNVD: CNNVD-201608-297 // NVD: CVE-2016-3193

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-3193
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2016-3193
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201608-297
value:	LOW
Trust: 0.6
VULHUB:	VHN-92012
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2016-3193
severity:	LOW
baseScore:	3.5
vectorString:	AV:N/AC:M/AU:S/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	6.8
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-92012
severity:	LOW
baseScore:	3.5
vectorString:	AV:N/AC:M/AU:S/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	6.8
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-3193
baseSeverity:	MEDIUM
baseScore:	5.4
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.3
impactScore:	2.7
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-92012 // JVNDB: JVNDB-2016-004418 // CNNVD: CNNVD-201608-297 // NVD: CVE-2016-3193

PROBLEMTYPE DATA

problemtype:

CWE-79

Trust: 1.9

sources: VULHUB: VHN-92012 // JVNDB: JVNDB-2016-004418 // NVD: CVE-2016-3193

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201608-297

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201608-297

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-004418

PATCH

title:	FortiManager and FortiAnalyzer Persistent XSS vulnerability	url:	http://fortiguard.com/advisory/fortimanager-and-fortianalyzer-persistent-xss-vulnerability-1	Trust: 0.8
title:	Fortinet FortiManager and FortiAnalyzer Fixes for cross-site scripting vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63667	Trust: 0.6

sources: JVNDB: JVNDB-2016-004418 // CNNVD: CNNVD-201608-297

EXTERNAL IDS

db:	NVD	id:	CVE-2016-3193	Trust: 2.8
db:	BID	id:	92458	Trust: 2.0
db:	SECTRACK	id:	1036550	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-004418	Trust: 0.8
db:	CNNVD	id:	CNNVD-201608-297	Trust: 0.7
db:	VULHUB	id:	VHN-92012	Trust: 0.1

sources: VULHUB: VHN-92012 // BID: 92458 // JVNDB: JVNDB-2016-004418 // CNNVD: CNNVD-201608-297 // NVD: CVE-2016-3193

REFERENCES

url:	http://fortiguard.com/advisory/fortimanager-and-fortianalyzer-persistent-xss-vulnerability-1	Trust: 2.0
url:	http://www.securityfocus.com/bid/92458	Trust: 1.7
url:	http://www.securitytracker.com/id/1036550	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-3193	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-3193	Trust: 0.8
url:	http://www.fortinet.com/	Trust: 0.3

sources: VULHUB: VHN-92012 // BID: 92458 // JVNDB: JVNDB-2016-004418 // CNNVD: CNNVD-201608-297 // NVD: CVE-2016-3193

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 92458

SOURCES

db:	VULHUB	id:	VHN-92012
db:	BID	id:	92458
db:	JVNDB	id:	JVNDB-2016-004418
db:	CNNVD	id:	CNNVD-201608-297
db:	NVD	id:	CVE-2016-3193

LAST UPDATE DATE

2024-08-14T14:57:52.819000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-92012	date:	2017-08-16T00:00:00
db:	BID	id:	92458	date:	2016-08-09T00:00:00
db:	JVNDB	id:	JVNDB-2016-004418	date:	2016-08-23T00:00:00
db:	CNNVD	id:	CNNVD-201608-297	date:	2016-08-22T00:00:00
db:	NVD	id:	CVE-2016-3193	date:	2017-08-16T01:29:06.867

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-92012	date:	2016-08-19T00:00:00
db:	BID	id:	92458	date:	2016-08-09T00:00:00
db:	JVNDB	id:	JVNDB-2016-004418	date:	2016-08-23T00:00:00
db:	CNNVD	id:	CNNVD-201608-297	date:	2016-08-16T00:00:00
db:	NVD	id:	CVE-2016-3193	date:	2016-08-19T21:59:05.463