Sign-up

ID

VAR-201906-0200


CVE

CVE-2019-5586


TITLE

Fortinet FortiOS Vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2019-005190

DESCRIPTION

A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.2.0 to 5.6.10, 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to execute unauthorized malicious script code via the "param" parameter of the error process HTTP requests. Fortinet FortiOS Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. Fortinet FortiOS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Fortinet FortiOS 5.2.0 through 6.0.4 are vulnerable. Fortinet FortiOS is a set of security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. The SSL VPN web portal in Fortinet FortiOS versions 5.2.0 to 5.6.10 and 6.0.0 to 6.0.4 has a cross-site scripting vulnerability. The vulnerability stems from the lack of correct validation of client data in WEB applications. An attacker could exploit this vulnerability to execute client code

Trust: 1.98

sources: NVD: CVE-2019-5586 // JVNDB: JVNDB-2019-005190 // BID: 108610 // VULHUB: VHN-157021

AFFECTED PRODUCTS

vendor:fortinetmodel:fortiosscope:lteversion:6.0.4

Trust: 1.0

vendor:fortinetmodel:fortiosscope:gteversion:5.2.0

Trust: 1.0

vendor:fortinetmodel:fortiosscope:eqversion:5.2.0 to 6.0.4

Trust: 0.8

vendor:fortinetmodel:fortiosscope:eqversion:6.0.4

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:6.0.3

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:6.0.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:6.0.1

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:6.0

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.9

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.8

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.7

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.6

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.5

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.4

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.3

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.11

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.10

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.9

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.8

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.7

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.6

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.5

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.4

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.3

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.1

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.13

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.12

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.11

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.8

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.7

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.6

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.5

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.4

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.3

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.1

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.6.1

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.4.0

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.10

Trust: 0.3

vendor:fortinetmodel:fortiosscope:eqversion:5.2.0

Trust: 0.3

vendor:fortinetmodel:fortiosscope:neversion:6.2

Trust: 0.3

vendor:fortinetmodel:fortiosscope:neversion:6.0.5

Trust: 0.3

sources: BID: 108610 // JVNDB: JVNDB-2019-005190 // NVD: CVE-2019-5586

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-5586
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-5586
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201905-1022
value: MEDIUM

Trust: 0.6

VULHUB: VHN-157021
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-5586
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-157021
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-5586
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.7
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-157021 // JVNDB: JVNDB-2019-005190 // CNNVD: CNNVD-201905-1022 // NVD: CVE-2019-5586

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.9

sources: VULHUB: VHN-157021 // JVNDB: JVNDB-2019-005190 // NVD: CVE-2019-5586

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-1022

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201905-1022

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-005190

PATCH
title:FG-IR-19-034url:https://fortiguard.com/advisory/FG-IR-19-034
Trust: 0.8
title:Fortinet FortiOS Fixes for cross-site scripting vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92974
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-005190 // 
            
            
            
            CNNVD: CNNVD-201905-1022

EXTERNAL IDS
db:NVDid:CVE-2019-5586
Trust: 2.8
db:BIDid:108610
Trust: 2.0
db:JVNDBid:JVNDB-2019-005190
Trust: 0.8
db:CNNVDid:CNNVD-201905-1022
Trust: 0.7
db:VULHUBid:VHN-157021
Trust: 0.1
sources:
            
            
            VULHUB: VHN-157021 // 
            
            
            
            BID: 108610 // 
            
            
            
            JVNDB: JVNDB-2019-005190 // 
            
            
            
            CNNVD: CNNVD-201905-1022 // 
            
            
            
            NVD: CVE-2019-5586

REFERENCES
url:http://www.securityfocus.com/bid/108610
Trust: 2.9
url:https://fortiguard.com/advisory/fg-ir-19-034
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2019-5586
Trust: 1.4
url:https://www.fortinet.com/products/fortigate/fortios.html
Trust: 0.9
url:https://fortiguard.com/psirt/fg-ir-19-034
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5586
Trust: 0.8
url:https://vigilance.fr/vulnerability/fortios-cross-site-scripting-via-the-vpn-portal-29412
Trust: 0.6
sources:
            
            
            VULHUB: VHN-157021 // 
            
            
            
            BID: 108610 // 
            
            
            
            JVNDB: JVNDB-2019-005190 // 
            
            
            
            CNNVD: CNNVD-201905-1022 // 
            
            
            
            NVD: CVE-2019-5586

CREDITS
Aaron Hall from Verizon Media Group (Oath),Aaron Hall from Verizon Media Group (Oath).
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201905-1022

SOURCES
db:VULHUBid:VHN-157021
db:BIDid:108610
db:JVNDBid:JVNDB-2019-005190
db:CNNVDid:CNNVD-201905-1022
db:NVDid:CVE-2019-5586

LAST UPDATE DATE
2024-08-14T15:38:53.428000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-157021date:2019-10-23T00:00:00
db:BIDid:108610date:2019-05-24T00:00:00
db:JVNDBid:JVNDB-2019-005190date:2019-06-17T00:00:00
db:CNNVDid:CNNVD-201905-1022date:2019-10-24T00:00:00
db:NVDid:CVE-2019-5586date:2019-10-23T20:15:14.413

SOURCES RELEASE DATE
db:VULHUBid:VHN-157021date:2019-06-04T00:00:00
db:BIDid:108610date:2019-05-24T00:00:00
db:JVNDBid:JVNDB-2019-005190date:2019-06-17T00:00:00
db:CNNVDid:CNNVD-201905-1022date:2019-05-27T00:00:00
db:NVDid:CVE-2019-5586date:2019-06-04T22:29:00.237