Lucene search
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.FORTIGATE_FG-IR-23-106.NASLHistorySep 13, 2023 - 12:00 a.m.
Fortinet Fortigate xss (FG-IR-23-106)
2023-09-1300:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
41
fortigate
xss
vulnerability
fortiproxy
fortios
gui
cwe-79
cve-2023-29183
nessus scanner
CVSS3
8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RC:R
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
27.2%
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-106 advisory.
- An improper neutralization of input during web page generation (‘Cross-site Scripting’) vulnerability [CWE-79] in FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 and FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14 GUI may allow an authenticated attacker to trigger malicious JavaScript code execution via crafted guest management setting. (CVE-2023-29183)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(181358);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/22");
script_cve_id("CVE-2023-29183");
script_xref(name:"IAVA", value:"2023-A-0486");
script_name(english:"Fortinet Fortigate xss (FG-IR-23-106)");
script_set_attribute(attribute:"synopsis", value:
"Remote host is affected by a xss vulnerability.");
script_set_attribute(attribute:"description", value:
"The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a
vulnerability as referenced in the FG-IR-23-106 advisory.
- An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability
[CWE-79] in FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 and FortiOS 7.2.0 through 7.2.4, 7.0.0
through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14 GUI may allow an authenticated attacker to
trigger malicious JavaScript code execution via crafted guest management setting. (CVE-2023-29183)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://www.fortiguard.com/psirt/FG-IR-23-106");
script_set_attribute(attribute:"solution", value:
"Please upgrade to FortiProxy version 7.2.5 or above
Please upgrade to FortiProxy version 7.0.11 or above
Please upgrade to FortiOS version 7.4.0 or above
Please upgrade to FortiOS version 7.2.5 or above
Please upgrade to FortiOS version 7.0.12 or above
Please upgrade to FortiOS version 6.4.13 or above
Please upgrade to FortiOS version 6.2.15 or above");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-29183");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/09/13");
script_set_attribute(attribute:"patch_publication_date", value:"2023/09/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/09/13");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fortinet:fortios");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Firewalls");
script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("fortinet_version.nbin");
script_require_keys("Host/Fortigate/model", "Host/Fortigate/version");
exit(0);
}
include('vcf_extras_fortios.inc');
var app_name = 'Fortigate';
var app_info = vcf::get_app_info(app:app_name, kb_ver:'Host/Fortigate/version');
vcf::fortios::verify_product_and_model(product_name:app_name);
var constraints = [
{ 'min_version' : '6.2.0', 'max_version' : '6.2.14', 'fixed_version' : '6.2.15' },
{ 'min_version' : '6.4.0', 'max_version' : '6.4.12', 'fixed_version' : '6.4.13' },
{ 'min_version' : '7.0.0', 'max_version' : '7.0.11', 'fixed_version' : '7.0.12' },
{ 'min_version' : '7.2.0', 'max_version' : '7.2.4', 'fixed_version' : '7.2.5' }
];
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_WARNING,
flags:{'xss':TRUE}
);
Related
cvelist
cvelist
CVE-2023-29183
2023-09-13 12:29:55
nvd
nvd
CVE-2023-29183
2023-09-13 13:15:08
fortinet
fortinet
Protect
2023-09-13 00:00:00
cve
cve
CVE-2023-29183
2023-09-13 13:15:08
prion
prion
Cross site scripting
2023-09-13 13:15:00
ics
ics
Siemens RUGGEDCOM APE1808 with Fortigate NGFW Devices
2024-03-14 12:00:00
CVSS3
8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RC:R
AI Score
5.8
Confidence
High
EPSS
0.001
Percentile
27.2%
Related for FORTIGATE_FG-IR-23-106.NASL