ID

VAR-201906-0200


CVE

CVE-2019-5586


TITLE

Fortinet FortiOS Vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2019-005190

DESCRIPTION

A reflected cross-site scripting (XSS) vulnerability in the SSL VPN web portal of Fortinet FortiOS 5.2.0 to 5.6.10 and 6.0.0 to 6.0.4 may allow an attacker to execute unauthorized malicious script code via the "param" parameter of the error-process HTTP requests.

Fortinet FortiOS contains a cross-site scripting vulnerability. Information may be obtained and information may be altered.

Fortinet FortiOS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Fortinet FortiOS 5.2.0 through 6.0.4 are vulnerable.

Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform developed by Fortinet. The system provides users with security functions such as firewall, anti-virus, IPsec/SSL VPN, web content filtering and anti-spam. The SSL VPN web portal in Fortinet FortiOS versions 5.2.0 to 5.6.10 and 6.0.0 to 6.0.4 has a cross-site scripting vulnerability. The vulnerability stems from the lack of correct validation of client data in web applications. An attacker could exploit this vulnerability to execute client-side code.

Trust: 1.98

sources: NVD: CVE-2019-5586 // JVNDB: JVNDB-2019-005190 // BID: 108610 // VULHUB: VHN-157021

AFFECTED PRODUCTS

vendor: fortinet / model: fortios / scope: lte / version: 6.0.4

Trust: 1.0

vendor: fortinet / model: fortios / scope: gte / version: 5.2.0

Trust: 1.0

vendor: fortinet / model: fortios / scope: eq / version: 5.2.0 to 6.0.4

Trust: 0.8

vendor: fortinet / model: fortios / scope: eq / version: 6.0.4

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 6.0.3

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 6.0.2

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 6.0.1

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 6.0

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.6.9

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.6.8

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.6.7

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.6.6

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.6.5

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.6.4

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.6.3

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.6.2

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.6

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.4.11

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.4.10

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.4.9

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.4.8

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.4.7

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.4.6

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.4.5

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.4.4

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.4.3

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.4.2

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.4.1

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.2.13

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.2.12

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.2.11

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.2.8

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.2.7

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.2.6

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.2.5

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.2.4

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.2.3

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.2.2

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.2.1

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.6.1

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.4.0

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.2.10

Trust: 0.3

vendor: fortinet / model: fortios / scope: eq / version: 5.2.0

Trust: 0.3

vendor: fortinet / model: fortios / scope: ne / version: 6.2

Trust: 0.3

vendor: fortinet / model: fortios / scope: ne / version: 6.0.5

Trust: 0.3

sources: BID: 108610 // JVNDB: JVNDB-2019-005190 // NVD: CVE-2019-5586

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-5586
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-5586
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201905-1022
value: MEDIUM

Trust: 0.6

VULHUB: VHN-157021
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-5586
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-157021
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-5586
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.7
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-157021 // JVNDB: JVNDB-2019-005190 // CNNVD: CNNVD-201905-1022 // NVD: CVE-2019-5586

PROBLEMTYPE DATA

problemtype: CWE-79

Trust: 1.9

sources: VULHUB: VHN-157021 // JVNDB: JVNDB-2019-005190 // NVD: CVE-2019-5586

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-1022

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201905-1022

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-005190

PATCH

title: FG-IR-19-034 / url: https://fortiguard.com/advisory/FG-IR-19-034

Trust: 0.8

title: Fortinet FortiOS Fixes for cross-site scripting vulnerabilities / url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92974

Trust: 0.6

sources: JVNDB: JVNDB-2019-005190 // CNNVD: CNNVD-201905-1022

EXTERNAL IDS

db: NVD / id: CVE-2019-5586

Trust: 2.8

db: BID / id: 108610

Trust: 2.0

db: JVNDB / id: JVNDB-2019-005190

Trust: 0.8

db: CNNVD / id: CNNVD-201905-1022

Trust: 0.7

db: VULHUB / id: VHN-157021

Trust: 0.1

sources: VULHUB: VHN-157021 // BID: 108610 // JVNDB: JVNDB-2019-005190 // CNNVD: CNNVD-201905-1022 // NVD: CVE-2019-5586

REFERENCES

url: http://www.securityfocus.com/bid/108610

Trust: 2.9

url: https://fortiguard.com/advisory/fg-ir-19-034

Trust: 1.7

url: https://nvd.nist.gov/vuln/detail/cve-2019-5586

Trust: 1.4

url: https://www.fortinet.com/products/fortigate/fortios.html

Trust: 0.9

url: https://fortiguard.com/psirt/fg-ir-19-034

Trust: 0.9

url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5586

Trust: 0.8

url: https://vigilance.fr/vulnerability/fortios-cross-site-scripting-via-the-vpn-portal-29412

Trust: 0.6

sources: VULHUB: VHN-157021 // BID: 108610 // JVNDB: JVNDB-2019-005190 // CNNVD: CNNVD-201905-1022 // NVD: CVE-2019-5586

CREDITS

Aaron Hall from Verizon Media Group (Oath).

Trust: 0.6

sources: CNNVD: CNNVD-201905-1022

SOURCES

db: VULHUB / id: VHN-157021
db: BID / id: 108610
db: JVNDB / id: JVNDB-2019-005190
db: CNNVD / id: CNNVD-201905-1022
db: NVD / id: CVE-2019-5586

LAST UPDATE DATE

2024-08-14T15:38:53.428000+00:00


SOURCES UPDATE DATE

db: VULHUB / id: VHN-157021 / date: 2019-10-23T00:00:00
db: BID / id: 108610 / date: 2019-05-24T00:00:00
db: JVNDB / id: JVNDB-2019-005190 / date: 2019-06-17T00:00:00
db: CNNVD / id: CNNVD-201905-1022 / date: 2019-10-24T00:00:00
db: NVD / id: CVE-2019-5586 / date: 2019-10-23T20:15:14.413

SOURCES RELEASE DATE

db: VULHUB / id: VHN-157021 / date: 2019-06-04T00:00:00
db: BID / id: 108610 / date: 2019-05-24T00:00:00
db: JVNDB / id: JVNDB-2019-005190 / date: 2019-06-17T00:00:00
db: CNNVD / id: CNNVD-201905-1022 / date: 2019-05-27T00:00:00
db: NVD / id: CVE-2019-5586 / date: 2019-06-04T22:29:00.237