Lucene search
Tenable8670.PRMHistoryApr 09, 2015 - 12:00 a.m.
FortiWeb 4.x / 5.x < 5.0.3 Multiple Vulnerabilities
2015-04-0900:00:00
Tenable
www.tenable.com
8
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS
0.002
Percentile
61.3%
The remote host is running FortiWeb 4.x / 5.x prior to 5.0.3. It is, therefore, affected by multiple vulnerabilities :
- FortiWeb is affected by a cross-site scripting vulnerability due to a failure to sanitize user-supplied input. (CVE-2014-1955)
- FortiWeb is affected by an unspecified HTTP header injection vulnerability. (CVE-2014-1956)
- FortiWeb is affected by an unspecified privilege escalation vulnerability. (CVE-2014-1957)
Binary data 8670.prmRelated
nessus
nessus
Fortinet FortiWeb 4.x / 5.x < 5.0.3 Multiple Vulnerabilities
2014-04-15 00:00:00
fortinet
fortinet
FortiWeb Multiple Vulnerabilities
2014-02-13 00:00:00
openvas
openvas
Fortinet FortiWeb Multiple Vulnerabilities (FG-IR-13-009)
2015-02-11 00:00:00
cvelist
cvelist
nvd
nvd
prion
prion
Crlf injection
2014-04-30 14:22:00
Cross site scripting
2014-04-30 14:22:00
Design/Logic Flaw
2014-04-30 14:22:00
cve
cve
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS
0.002
Percentile
61.3%
Related for 8670.PRM