Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Fortinet FortiAnalyzer, FortiManager by Fortinet, Inc.

    CVE-2017-3126 (GCVE-0-2017-3126)

    Vulnerability from nvd – Published: 2017-05-26 22:00 – Updated: 2024-10-25 14:14
    VLAI
    Summary
    An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows attacker to execute unauthorized code or commands via the next parameter.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Open redirect
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1038540 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/98557 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1038539 vdb-entryx_refsource_SECTRACK
    https://fortiguard.com/psirt/FG-IR-17-014 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Fortinet, Inc. Fortinet FortiAnalyzer, FortiManager Affected: FortiAnalyzer 5.4.2, 5.4.1, 5.4.0
    Affected: FortiManager 5.4.2, 5.4.1, 5.4.0
    Create a notification for this product.
    Date Public
    2017-04-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T14:16:28.200Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1038540",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1038540"
              },
              {
                "name": "98557",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/98557"
              },
              {
                "name": "1038539",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1038539"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://fortiguard.com/psirt/FG-IR-17-014"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2017-3126",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T14:00:52.755671Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-25T14:14:04.358Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Fortinet FortiAnalyzer, FortiManager",
              "vendor": "Fortinet, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "FortiAnalyzer 5.4.2, 5.4.1, 5.4.0"
                },
                {
                  "status": "affected",
                  "version": "FortiManager 5.4.2, 5.4.1, 5.4.0"
                }
              ]
            }
          ],
          "datePublic": "2017-04-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows attacker to execute unauthorized code or commands via the next parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Open redirect",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-07T09:57:01.000Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "1038540",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1038540"
            },
            {
              "name": "98557",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/98557"
            },
            {
              "name": "1038539",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1038539"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://fortiguard.com/psirt/FG-IR-17-014"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@fortinet.com",
              "ID": "CVE-2017-3126",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Fortinet FortiAnalyzer, FortiManager",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FortiAnalyzer 5.4.2, 5.4.1, 5.4.0"
                              },
                              {
                                "version_value": "FortiManager 5.4.2, 5.4.1, 5.4.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Fortinet, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows attacker to execute unauthorized code or commands via the next parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Open redirect"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1038540",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1038540"
                },
                {
                  "name": "98557",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/98557"
                },
                {
                  "name": "1038539",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1038539"
                },
                {
                  "name": "https://fortiguard.com/psirt/FG-IR-17-014",
                  "refsource": "CONFIRM",
                  "url": "https://fortiguard.com/psirt/FG-IR-17-014"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2017-3126",
        "datePublished": "2017-05-26T22:00:00.000Z",
        "dateReserved": "2016-12-02T00:00:00.000Z",
        "dateUpdated": "2024-10-25T14:14:04.358Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-3126 (GCVE-0-2017-3126)

    Vulnerability from cvelistv5 – Published: 2017-05-26 22:00 – Updated: 2024-10-25 14:14
    VLAI
    Summary
    An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows attacker to execute unauthorized code or commands via the next parameter.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Open redirect
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1038540 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/98557 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1038539 vdb-entryx_refsource_SECTRACK
    https://fortiguard.com/psirt/FG-IR-17-014 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Fortinet, Inc. Fortinet FortiAnalyzer, FortiManager Affected: FortiAnalyzer 5.4.2, 5.4.1, 5.4.0
    Affected: FortiManager 5.4.2, 5.4.1, 5.4.0
    Create a notification for this product.
    Date Public
    2017-04-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T14:16:28.200Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1038540",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1038540"
              },
              {
                "name": "98557",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/98557"
              },
              {
                "name": "1038539",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1038539"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://fortiguard.com/psirt/FG-IR-17-014"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2017-3126",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-23T14:00:52.755671Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-25T14:14:04.358Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Fortinet FortiAnalyzer, FortiManager",
              "vendor": "Fortinet, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "FortiAnalyzer 5.4.2, 5.4.1, 5.4.0"
                },
                {
                  "status": "affected",
                  "version": "FortiManager 5.4.2, 5.4.1, 5.4.0"
                }
              ]
            }
          ],
          "datePublic": "2017-04-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows attacker to execute unauthorized code or commands via the next parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Open redirect",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-07T09:57:01.000Z",
            "orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
            "shortName": "fortinet"
          },
          "references": [
            {
              "name": "1038540",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1038540"
            },
            {
              "name": "98557",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/98557"
            },
            {
              "name": "1038539",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1038539"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://fortiguard.com/psirt/FG-IR-17-014"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@fortinet.com",
              "ID": "CVE-2017-3126",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Fortinet FortiAnalyzer, FortiManager",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "FortiAnalyzer 5.4.2, 5.4.1, 5.4.0"
                              },
                              {
                                "version_value": "FortiManager 5.4.2, 5.4.1, 5.4.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Fortinet, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows attacker to execute unauthorized code or commands via the next parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Open redirect"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1038540",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1038540"
                },
                {
                  "name": "98557",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/98557"
                },
                {
                  "name": "1038539",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1038539"
                },
                {
                  "name": "https://fortiguard.com/psirt/FG-IR-17-014",
                  "refsource": "CONFIRM",
                  "url": "https://fortiguard.com/psirt/FG-IR-17-014"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
        "assignerShortName": "fortinet",
        "cveId": "CVE-2017-3126",
        "datePublished": "2017-05-26T22:00:00.000Z",
        "dateReserved": "2016-12-02T00:00:00.000Z",
        "dateUpdated": "2024-10-25T14:14:04.358Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }