Fortinet Fortiweb 5.1 contains a cross-site request forgery vulnerability

Overview

Fortinet Fortiweb prior to version 5.2.0 do not sufficiently verify whether a valid request was intentionally provided by the user, which results in a cross-site request forgery (CSRF) vulnerability. (CWE-352)

Description

CWE-352: Cross-Site Request Forgery (CSRF)

Fortinet Fortiweb prior to version 5.2.0 do not sufficiently verify whether a valid request was intentionally provided by the user. The cross-site request forgery (CSRF) vulnerability lies in /system/config/adminadd.

---

Impact

A remote unauthenticated attacker may be able to trick an authenticated user into making an unintentional request to the web server via a URL, image load, XMLHttpRequest, etc, which will be treated as an authentic request and may result in information leakage or code execution.

---

Solution

Apply an Update

Fortiweb 5.2.0 has been released to address several CSRF vulnerabilities including this one.

---

Vendor Information

902790

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Fortinet, Inc. Affected

Notified: November 20, 2013 Updated: December 06, 2013

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

CVSS Metrics

Group	Score	Vector
Base	5.8	AV:N/AC:M/Au:N/C:P/I:P/A:N
Temporal	4.5	E:POC/RL:OF/RC:C
Environmental	1.3	CDP:L/TD:L/CR:M/IR:M/AR:L

References

• <http://www.fortiguard.com/advisory/FG-IR-14-013/&gt;
• <http://cwe.mitre.org/data/definitions/352.html&gt;
• <http://www.fortinet.com/products/fortiweb/&gt;

Acknowledgements

Thanks to William Costa for reporting this vulnerability.

This document was written by Jared Allar.

Other Information

CVE IDs:	CVE-2014-3115
Date Public:	2014-05-02 Date First Published: