Details of VAR-201711-1073

ID

VAR-201711-1073

CVE

CVE-2017-7736

TITLE

Fortinet FortiWeb Vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2017-010503

DESCRIPTION

A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb webUI Certificate View page in 5.8.0, 5.7.1 and earlier, allows attackers to inject arbitrary web script or HTML via special crafted malicious certificate import. Fortinet FortiWeb Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Fortinet Fortiweb is prone to an HTML-injection vulnerability because they fail to sanitize user-supplied input Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible. Fortinet Fortiweb versions prior to 5.8.1 and 5.7.2 are vulnerable. Fortinet FortiWeb is a web application layer firewall developed by Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, etc., to ensure the security of web applications and protect sensitive database content. Fortinet Fortiweb versions prior to 5.8.1 and versions prior to 5.7.2 have a cross-site scripting vulnerability, which stems from the fact that the program does not properly sanitize user-submitted input

Trust: 1.98

sources: NVD: CVE-2017-7736 // JVNDB: JVNDB-2017-010503 // BID: 101916 // VULHUB: VHN-115939

AFFECTED PRODUCTS

vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.8.0	Trust: 2.4
vendor:	fortinet	model:	fortiweb	scope:	lte	version:	5.7.1	Trust: 1.8
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.7.1	Trust: 0.9
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.8	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.5.3	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.5.2	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.5.1	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.5	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.3.5	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.3.4	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.3.3	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.3.2	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.3.1	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.2.1	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.1	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.0.4	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.0.3	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.0.2	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.2.0	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.1.4	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.1.3	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.1.2	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	eq	version:	5.0	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	ne	version:	5.8.1	Trust: 0.3
vendor:	fortinet	model:	fortiweb	scope:	ne	version:	5.7.2	Trust: 0.3

sources: BID: 101916 // JVNDB: JVNDB-2017-010503 // CNNVD: CNNVD-201711-899 // NVD: CVE-2017-7736

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-7736
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2017-7736
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201711-899
value:	LOW
Trust: 0.6
VULHUB:	VHN-115939
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2017-7736
severity:	LOW
baseScore:	3.5
vectorString:	AV:N/AC:M/AU:S/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	6.8
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-115939
severity:	LOW
baseScore:	3.5
vectorString:	AV:N/AC:M/AU:S/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	6.8
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-7736
baseSeverity:	MEDIUM
baseScore:	5.4
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	2.3
impactScore:	2.7
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-115939 // JVNDB: JVNDB-2017-010503 // CNNVD: CNNVD-201711-899 // NVD: CVE-2017-7736

PROBLEMTYPE DATA

problemtype:

CWE-79

Trust: 1.9

sources: VULHUB: VHN-115939 // JVNDB: JVNDB-2017-010503 // NVD: CVE-2017-7736

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201711-899

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201711-899

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-010503

PATCH

title:	FG-IR-17-131	url:	https://fortiguard.com/psirt/FG-IR-17-131	Trust: 0.8
title:	Fortinet Fortiweb Fixes for cross-site scripting vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76630	Trust: 0.6

sources: JVNDB: JVNDB-2017-010503 // CNNVD: CNNVD-201711-899

EXTERNAL IDS

db:	NVD	id:	CVE-2017-7736	Trust: 2.8
db:	BID	id:	101916	Trust: 2.0
db:	JVNDB	id:	JVNDB-2017-010503	Trust: 0.8
db:	CNNVD	id:	CNNVD-201711-899	Trust: 0.7
db:	VULHUB	id:	VHN-115939	Trust: 0.1

sources: VULHUB: VHN-115939 // BID: 101916 // JVNDB: JVNDB-2017-010503 // CNNVD: CNNVD-201711-899 // NVD: CVE-2017-7736

REFERENCES

url:	http://www.securityfocus.com/bid/101916	Trust: 1.7
url:	https://fortiguard.com/advisory/fg-ir-17-131	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7736	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7736	Trust: 0.8
url:	http://www.fortinet.com/	Trust: 0.3
url:	http://fortiguard.com/psirt/fg-ir-17-131	Trust: 0.3

sources: VULHUB: VHN-115939 // BID: 101916 // JVNDB: JVNDB-2017-010503 // CNNVD: CNNVD-201711-899 // NVD: CVE-2017-7736

CREDITS

Hassan Kooshkaki

Trust: 0.9

sources: BID: 101916 // CNNVD: CNNVD-201711-899

SOURCES

db:	VULHUB	id:	VHN-115939
db:	BID	id:	101916
db:	JVNDB	id:	JVNDB-2017-010503
db:	CNNVD	id:	CNNVD-201711-899
db:	NVD	id:	CVE-2017-7736

LAST UPDATE DATE

2024-08-14T15:18:35.433000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-115939	date:	2017-12-07T00:00:00
db:	BID	id:	101916	date:	2017-12-19T22:00:00
db:	JVNDB	id:	JVNDB-2017-010503	date:	2017-12-15T00:00:00
db:	CNNVD	id:	CNNVD-201711-899	date:	2017-11-24T00:00:00
db:	NVD	id:	CVE-2017-7736	date:	2017-12-07T16:32:33.357

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-115939	date:	2017-11-22T00:00:00
db:	BID	id:	101916	date:	2017-11-17T00:00:00
db:	JVNDB	id:	JVNDB-2017-010503	date:	2017-12-15T00:00:00
db:	CNNVD	id:	CNNVD-201711-899	date:	2017-11-24T00:00:00
db:	NVD	id:	CVE-2017-7736	date:	2017-11-22T17:29:00.563